Tetrate Service ExpressVersion: Latest

API Reference

Packages:

tsb.tetrate.io/v2
application.tsb.tetrate.io/v2
extension.tsb.tetrate.io/v2
gateway.tsb.tetrate.io/v2
istiointernal.tsb.tetrate.io/v2
rbac.tsb.tetrate.io/v2
security.tsb.tetrate.io/v2
traffic.tsb.tetrate.io/v2

tsb.tetrate.io/v2

Resource Types:

Cluster
Organization
OrganizationSetting
ServiceAccount
Team
Tenant
TenantSetting
Workspace
WorkspaceSetting

Cluster

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	Cluster	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	A Kubernetes cluster managing both pods and VMs.	false
status	object		false

Cluster.spec

^{^{↩ Parent}}

A Kubernetes cluster managing both pods and VMs.

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
installTemplate	object		false
labels	map[string]string		false
locality	object	Deprecated.	false
namespaceScope	object	Configure the default scoping of namespaces in this cluster.	false
namespaces	[]object		false
network	string	The network (e.g., VPC) where this cluster is present.	false
serviceAccount	object	The service account created with permissions to manage the current cluster.	false
state	object		false
tier1Cluster	boolean	Indicates whether this cluster is hosting a tier1 gateway or not.	false
tokenTtl	string	Lifetime of the tokens.	false
trustDomain	string	Trust domain for this cluster, used for multi-cluster routing.	false

Cluster.spec.installTemplate

^{^{↩ Parent}}

Name	Type	Description	Required
helm	object	valid values.yaml to be used with controlplane helm chart.	false
message	string		false

Cluster.spec.installTemplate.helm

^{^{↩ Parent}}

valid values.yaml to be used with controlplane helm chart.

Name	Type	Description	Required
image	object	Values for the TSB operator image.	false
operator	object	Values for the TSB operator application.	false
secrets	object	Values for the Control Plane secrets.	false
spec	object	Values for the Control Plane CR spec.	false

Cluster.spec.installTemplate.helm.image

^{^{↩ Parent}}

Values for the TSB operator image.

Name	Type	Description	Required
registry	string	Registry used to download the operator image.	false
tag	string	The tag of the operator image.	false

Cluster.spec.installTemplate.helm.operator

^{^{↩ Parent}}

Values for the TSB operator application.

Name	Type	Description	Required
deployment	object	Values for the TSB operator deployment.	false
service	object	Values for the TSB operator service.	false
serviceAccount	object	Values for the TSB operator service account.	false

Cluster.spec.installTemplate.helm.operator.deployment

^{^{↩ Parent}}

Values for the TSB operator deployment.

Name	Type	Description	Required
affinity	object	Affinity configuration for the pod.	false
annotations	map[string]string	Custom collection of annotations to add to the deployment.	false
env	[]object	Custom collection of environment vars to add to the container.	false
podAnnotations	map[string]string	Custom collection of annotations to add to the pod.	false
replicaCount	integer	Number of replicas managed by the deployment. Format: int32	false
strategy	object	Deployment strategy to use.	false
tolerations	[]object	Toleration collection applying to the pod scheduling.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity

^{^{↩ Parent}}

Affinity configuration for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.operator.deployment.strategy

^{^{↩ Parent}}

Deployment strategy to use.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.operator.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.operator.service

^{^{↩ Parent}}

Values for the TSB operator service.

Name	Type	Description	Required
annotations	map[string]string	Custom collection of annotations to add to the service.	false

Cluster.spec.installTemplate.helm.operator.serviceAccount

^{^{↩ Parent}}

Values for the TSB operator service account.

Name	Type	Description	Required
annotations	map[string]string	Custom collection of annotations to add to the service account.	false
imagePullSecrets	[]string	Collection of secrets names required to be able to pull images from the registry.	false
pullPassword	string		false
pullSecret	string	A Docker config JSON to be stored in a secret to be used as an image pull secret.	false
pullUsername	string		false

Cluster.spec.installTemplate.helm.secrets

^{^{↩ Parent}}

Values for the Control Plane secrets.

Name	Type	Description	Required
clusterServiceAccount	object	Cluster service account used to authenticate to the Management Plane.	false
elasticsearch	object	Secrets to reach the Elasticsearch.	false
tsb	object	Secrets to reach the TSB Management Plane.	false
xcp	object	Secrets to reach the XCP Central in the Management Plane.	false

Cluster.spec.installTemplate.helm.secrets.clusterServiceAccount

^{^{↩ Parent}}

Cluster service account used to authenticate to the Management Plane.

Name	Type	Description	Required
JWK	string	Literal JWK used to generate and sign the tokens for all the Control Plane agents.	false
clusterFQN	string	TSB FQN of the onboarded cluster resource.	false
encodedJWK	string	Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.	false

Cluster.spec.installTemplate.helm.secrets.elasticsearch

^{^{↩ Parent}}

Secrets to reach the Elasticsearch.

Name	Type	Description	Required
cacert	string	Elasticsearch CA cert TLS used by control plane to verify TLS connection.	false
password	string	The password to access Elasticsearch.	false
username	string	The username to access Elasticsearch.	false

Cluster.spec.installTemplate.helm.secrets.tsb

^{^{↩ Parent}}

Secrets to reach the TSB Management Plane.

Name	Type	Description	Required
cacert	string	CA certificate used to verify TLS certs exposed the Management Plane (front envoy).	false

Cluster.spec.installTemplate.helm.secrets.xcp

^{^{↩ Parent}}

Secrets to reach the XCP Central in the Management Plane.

Name	Type	Description	Required
autoGenerateCerts	boolean	Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central.	false
edge	object	Secrets for the XCP Edge component.	false
rootca	string	CA certificate of XCP components.	false
rootcakey	string	Key of the CA certificate of XCP components.	false

Cluster.spec.installTemplate.helm.secrets.xcp.edge

^{^{↩ Parent}}

Secrets for the XCP Edge component.

Name	Type	Description	Required
cert	string	Edge certificate used for mTLS with XCP Central.	false
key	string	Key of the Edge certificate used for mTLS with XCP Central.	false
token	string	JWT token used to authenticate XCP Edge against the XCP Central.	false

Cluster.spec.installTemplate.helm.spec

^{^{↩ Parent}}

Values for the Control Plane CR spec.

Name	Type	Description	Required
components	object	The set of components that make up the control plane.	false
hub	string	TSB container hub path e.g.	false
imagePullSecrets	[]object		false
managementPlane	object	Configure the management plane to retrieve configuration from.	false
meshExpansion	object	Configure mesh expansion to connect workloads external to Kubernetes to the mesh.	false
meshObservability	object		false
providerSettings	object	Configures Kubernetes provider specific settings.	false
telemetryStore	object	Configure the store that TSB will use to persist application telemetry data.	false
tier1Cluster	boolean		false

Cluster.spec.installTemplate.helm.spec.components

^{^{↩ Parent}}

The set of components that make up the control plane.

Name	Type	Description	Required
collector	object		false
defaultKubeSpec	object	Configure Kubernetes default settings for all components.	false
defaultLogLevel	string	The default log level for all components if the per component log level config is not specified.	false
gitops	object	Configuration for the integration of the Control Plane with Continuous Deployment pipelines.	false
hpaAdapter	object		false
internalCertProvider	object	Configure the Kubernetes CSR certificate provider for TSB internal purposes like Webhook TLS certificates.	false
istio	object		false
ngac	object		false
oap	object		false
onboarding	object	Workload Onboarding.	false
rateLimitServer	object		false
route53Controller	object		false
satellite	object	Satellite provide load balancing capabilities for data content before the data from Envoy reaches the SPM in Control Plane.	false
wasmfetcher	object	Configuration for the WASM Fetcher component.	false
xcp	object		false

Cluster.spec.installTemplate.helm.spec.components.collector

^{^{↩ Parent}}

Name	Type	Description	Required
kubeSpec	object		false
logLevel	string	Specifies the log level for OTEL collector component.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec

^{^{↩ Parent}}

Configure Kubernetes default settings for all components.

Name	Type	Required
account	object	false
deployment	object	false
job	object	false
service	object	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.account

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.account.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.job.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.defaultKubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false

Cluster.spec.installTemplate.helm.spec.components.gitops

^{^{↩ Parent}}

Configuration for the integration of the Control Plane with Continuous Deployment pipelines.

Name	Type	Description	Required
batchWindow	string	When configured, all admission requests will be paused for the configured duration.	false
enabled	boolean	The GitOps component is in beta and disabled by default.	false
managementplaneRequestTimeout	string	The GitOps component performs operations against the management plane through the k8s webhook.	false
reconcileInterval	string	Interval at which the reconcile process will run.	false
reconcileRequestTimeout	string	The GitOps component performs operations against the management plane internal reconcile loop.	false
webhookTimeout	string	Timeout that will be set in the k8s gitops webhook resource.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter

^{^{↩ Parent}}

Name	Type	Description	Required
kubeSpec	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.hpaAdapter.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider

^{^{↩ Parent}}

Configure the Kubernetes CSR certificate provider for TSB internal purposes like Webhook TLS certificates.

Name	Type	Description	Required
certManager	object		false
custom	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager

^{^{↩ Parent}}

Name	Type	Description	Required
certManagerCaInjector	object	Configure kubernetes specific settings for cert-manager-cainjector.	false
certManagerSpec	object	Configure kubernetes specific settings for cert-manager.	false
certManagerStartupapicheck	object	Configure kubernetes specific settings for cert-manager-startupapicheck.	false
certManagerWebhookSpec	object	Configure kubernetes specific settings for cert-manager-webhook.	false
managed	enum	Managed specifies whether TSB should manage the lifecycle of cert-manager. Enum: AUTO, EXTERNAL, INTERNAL	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-cainjector.

Name	Type	Description	Required
kubeSpec	object	Configure kubernetes specific settings for cert-manager-cainjector.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-cainjector.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerCaInjector.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager.

Name	Type	Description	Required
kubeSpec	object	Configure kubernetes specific settings for cert-manager.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerSpec.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-startupapicheck.

Name	Type	Description	Required
kubeSpec	object	Configure kubernetes specific settings for cert-manager-startupapicheck.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-startupapicheck.

Name	Type	Required
deployment	object	false
job	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the job.	false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.job.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerStartupapicheck.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-webhook.

Name	Type	Description	Required
kubeSpec	object	Configure kubernetes specific settings for cert-manager-webhook.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec

^{^{↩ Parent}}

Configure kubernetes specific settings for cert-manager-webhook.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.certManager.certManagerWebhookSpec.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.internalCertProvider.custom

^{^{↩ Parent}}

Name	Type	Description	Required
caBundleSecretName	string	Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components.	false
csrSignerName	string	Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.	false

Cluster.spec.installTemplate.helm.spec.components.istio

^{^{↩ Parent}}

Name	Type	Description	Required
baseOverlays	[]object	The overlays applied to the Istio base component.	false
cniOverlays	[]object	The overlays applied to the Istio CNI component.	false
defaultWorkloadCertTTL	string	The default TTL of issued workload certificates.	false
kubeSpec	object	Configure Kubernetes specific settings.	false
logLevels	map[string]string	Specifies the global logging level settings for the Istio control plane components.	false
maxWorkloadCertTTL	string	The maximum TTL that can be set in issued workload certificates.	false
mountInternalWasmExtensions	boolean		false
pilotOverlays	[]object	The overlays applied to the Istio pilot component.	false
traceSamplingRate	number	The percentage of traces Envoy will sample. Format: double	false
trustDomain	string	The trust domain corresponds to the trust root of a system.	false
tsbVersion	string	Specifies the tsb release version.	false

Cluster.spec.installTemplate.helm.spec.components.istio.baseOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.istio.baseOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.istio.cniOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.istio.cniOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
CNI	object	false
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.CNI

^{^{↩ Parent}}

Name	Type	Description	Required
binaryDirectory	string	Directory on the host to install the CNI binary.	false
chained	boolean		false
clusterRole	string	The ClusterRole Istio CNI will bind to in the ControlPlane namespace.	false
configurationDirectory	string	Directory on the host to install the CNI config.	false
configurationFileName	string		false
revision	string	The revisioned istio-operator that will reconcile the Istio CNI component.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.istio.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.istio.pilotOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.istio.pilotOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.ngac

^{^{↩ Parent}}

Name	Type	Description	Required
enabled	boolean	NGAC is an experimental component.	false
kubeSpec	object		false
logLevels	map[string]string	The log level configuration by scopes.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.ngac.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.oap

^{^{↩ Parent}}

Name	Type	Description	Required
kubeSpec	object		false
logLevel	string	Specifies the log level for OAP component.	false
onDemandEnvoyMetricsEnabled	boolean		false
storageIndexMergingEnabled	boolean		false
streamingLogEnabled	boolean		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.oap.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding

^{^{↩ Parent}}

Workload Onboarding.

Name	Type	Description	Required
operator	object	Configure `Workload Onboarding Operator` component.	false
plane	object	Configure `Workload Onboarding Plane` component.	false
repository	object	Configure `Workload Onboarding Repository` component.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator

^{^{↩ Parent}}

Configure Workload Onboarding Operator component.

Name	Type	Description	Required
kubeSpec	object	Configure Kubernetes specific settings.	false
logLevels	map[string]string	The log level configuration by scopes.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.operator.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane

^{^{↩ Parent}}

Configure Workload Onboarding Plane component.

Name	Type	Description	Required
instance	object	Kubernetes settings for the `Workload Onboarding Plane Instance` component.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance

^{^{↩ Parent}}

Kubernetes settings for the Workload Onboarding Plane Instance component.

Name	Type	Description	Required
kubeSpec	object	Configure Kubernetes specific settings.	false
logLevels	map[string]string	The log level configuration by scopes.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.plane.instance.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository

^{^{↩ Parent}}

Configure Workload Onboarding Repository component.

Name	Type	Description	Required
kubeSpec	object	Configure Kubernetes specific settings.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.onboarding.repository.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer

^{^{↩ Parent}}

Name	Type	Description	Required
backend	object	Configure Database backend settings.	false
domain	string		false
kubeSpec	object	Configure Kubernetes specific settings.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.backend

^{^{↩ Parent}}

Configure Database backend settings.

Name	Type	Description	Required
redis	object	Settings for redis database backend.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.backend.redis

^{^{↩ Parent}}

Settings for redis database backend.

Name	Type	Description	Required
uri	string	The Redis Database URI.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.rateLimitServer.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller

^{^{↩ Parent}}

Name	Type	Description	Required
kubeSpec	object	Configure Kubernetes specific settings.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.route53Controller.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.satellite

^{^{↩ Parent}}

Satellite provide load balancing capabilities for data content before the data from Envoy reaches the SPM in Control Plane.

Name	Type	Description	Required
enabled	boolean	Satellite is an optional component.	false
kubeSpec	object		false
logLevel	string	Specifies the log level for the component.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.satellite.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher

^{^{↩ Parent}}

Configuration for the WASM Fetcher component.

Name	Type	Description	Required
cacheDisableInsecureRegistries	boolean	Denies insecure registries to be used for fetching WASM modules.	false
cacheExpiration	string	WASM Module cache expiration time.	false
cacheMaxRetries	integer	Maximum number of retries when fetching WASM modules from the OCI registry. Format: int32	false
cachePurgeInterval	string	WASM cache purge interval to periodically clean up the stale WASM modules.	false
cacheRequestTimeout	string	Specifies the timeout used when retrieving the WASM plugin from the OCI registry.	false
kubeSpec	object		false
logLevels	map[string]string	The log level configuration by scopes.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.wasmfetcher.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp

^{^{↩ Parent}}

Name	Type	Description	Required
centralAuthMode	enum	Authentication mode for connections from XCP Edges to XCP Central. Enum: UNKNOWN, MUTUAL_TLS, JWT	false
centralProvidedCaCert	boolean	If true, obtain the CA cert for Istio from XCP central.	false
configProtection	object		false
enableHttpMeshInternalIdentityPropagation	boolean		false
isolationBoundaries	[]object	Configures Isolated Istio environments along with Istio revisions for each environment.	false
kubeSpec	object		false
logLevels	map[string]string	Loglevel for XCP.	false
revision	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.configProtection

^{^{↩ Parent}}

Name	Type	Description	Required
authorizedUsers	[]string	List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.	false
enableAuthorizedCreateUpdateDeleteOnXcpConfigs	boolean		false
enableAuthorizedUpdateDeleteOnXcpConfigs	boolean		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index]

^{^{↩ Parent}}

Name	Type	Description	Required
meshExpansion	object	Configure mesh expansion to connect workloads external to Kubernetes to the mesh.	false
name	string	Name of the IsolationBoundary.	false
revisions	[]object	Configure multiple Istio Revisions under the IsolationBoundary.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion

^{^{↩ Parent}}

Configure mesh expansion to connect workloads external to Kubernetes to the mesh.

Name	Type	Description	Required
customGateway	object	A custom mesh expansion gateway.	false
onboarding	object	Configuration of the `Workload Onboarding Plane`.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.customGateway

^{^{↩ Parent}}

A custom mesh expansion gateway.

Name

Type

Description

Required

host

string

Mesh expansion gateway host address (can be hostname or IP address).

false

port

integer

Port mesh expansion gateway is listening on.

Format: int32

false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding

^{^{↩ Parent}}

Configuration of the Workload Onboarding Plane.

Name	Type	Description	Required
endpoint	object		false
localRepository	object		false
tokenIssuer	object	Configuration of the built-in `Workload Onboarding Token Issuer`.	false
uid	string	Unique identifier of this particular installation of the `Workload Onboarding Plane`.	false
workloads	object	Configuration of the workload handling.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.endpoint

^{^{↩ Parent}}

Name	Type	Description	Required
hosts	[]string	List of hosts included in the TLS certificate.	false
secretName	string	Name of the secret that holds TLS certificate chain and private key.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.tokenIssuer

^{^{↩ Parent}}

Configuration of the built-in Workload Onboarding Token Issuer.

Name	Type	Description	Required
jwt	object	Configuration of the built-in JWT Token Issuer.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.tokenIssuer.jwt

^{^{↩ Parent}}

Configuration of the built-in JWT Token Issuer.

Name	Type	Description	Required
expiration	string	Expiration is the duration issued tokens are valid for.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads

^{^{↩ Parent}}

Configuration of the workload handling.

Name	Type	Description	Required
authentication	object	Workload authentication configuration.	false
deregistration	object	Workload deregistration configuration.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.authentication

^{^{↩ Parent}}

Workload authentication configuration.

Name	Type	Description	Required
jwt	object	JWT authentication configuration.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.authentication.jwt

^{^{↩ Parent}}

JWT authentication configuration.

Name	Type	Description	Required
issuers	[]object	List of permitted JWT issuers.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.authentication.jwt.issuers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
issuer	string	JWT `Issuer` identifier.	false
jwks	string	Inlined JSON Web Key Set document.	false
jwksUri	string	URL of the JSON Web Key Set document.	false
shortName	string	Unique short name associated with the issuer.	false
tokenFields	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.authentication.jwt.issuers[index].tokenFields

^{^{↩ Parent}}

Name	Type	Description	Required
attributes	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.authentication.jwt.issuers[index].tokenFields.attributes

^{^{↩ Parent}}

Name	Type	Description	Required
jsonPath	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].meshExpansion.onboarding.workloads.deregistration

^{^{↩ Parent}}

Workload deregistration configuration.

Name	Type	Description	Required
propagationDelay	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
disable	boolean		false
istio	object	Istio overlay configuration for the revision.	false
name	string	Name of the IstioRevision.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio

^{^{↩ Parent}}

Istio overlay configuration for the revision.

Name	Type	Description	Required
baseOverlays	[]object	The overlays applied to the Istio base component.	false
cniOverlays	[]object	The overlays applied to the Istio CNI component.	false
defaultWorkloadCertTTL	string	The default TTL of issued workload certificates.	false
kubeSpec	object	Configure Kubernetes specific settings.	false
logLevels	map[string]string	Specifies the global logging level settings for the Istio control plane components.	false
maxWorkloadCertTTL	string	The maximum TTL that can be set in issued workload certificates.	false
mountInternalWasmExtensions	boolean		false
pilotOverlays	[]object	The overlays applied to the Istio pilot component.	false
traceSamplingRate	number	The percentage of traces Envoy will sample. Format: double	false
trustDomain	string	The trust domain corresponds to the trust root of a system.	false
tsbVersion	string	Specifies the tsb release version.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.baseOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.baseOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.cniOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.cniOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec

^{^{↩ Parent}}

Configure Kubernetes specific settings.

Name	Type	Required
CNI	object	false
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.CNI

^{^{↩ Parent}}

Name	Type	Description	Required
binaryDirectory	string	Directory on the host to install the CNI binary.	false
chained	boolean		false
clusterRole	string	The ClusterRole Istio CNI will bind to in the ControlPlane namespace.	false
configurationDirectory	string	Directory on the host to install the CNI config.	false
configurationFileName	string		false
revision	string	The revisioned istio-operator that will reconcile the Istio CNI component.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.pilotOverlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.isolationBoundaries[index].revisions[index].istio.pilotOverlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec

^{^{↩ Parent}}

Name	Type	Required
deployment	object	false
overlays	[]object	false
service	object	false
serviceAccount	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment

^{^{↩ Parent}}

Name	Type	Description	Required
affinity	object	The scheduling constraints for the pod.	false
containerSecurityContext	object		false
env	[]object	Environment variables for all containers in the deployment.	false
hpaSpec	object		false
podAnnotations	map[string]string	Pod annotations are an unstructured key value map stored with the pod.	false
podSecurityContext	object		false
replicaCount	integer	Number of desired pods. Minimum: 0 Maximum: 4.294967295e+09	false
resources	object		false
strategy	object	The deployment strategy to use to replace existing pods with new ones.	false
tolerations	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity

^{^{↩ Parent}}

The scheduling constraints for the pod.

Name	Type	Description	Required
nodeAffinity	object	Group of node affinity scheduling rules.	false
podAffinity	object	Group of inter-pod affinity scheduling rules.	false
podAntiAffinity	object	Group of inter-pod anti-affinity scheduling rules.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity

^{^{↩ Parent}}

Group of node affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
preference	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

^{^{↩ Parent}}

Name	Type	Description	Required
nodeSelectorTerms	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object		false
matchFields	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

^{^{↩ Parent}}

Name	Type	Required
key	string	false
operator	string	false
values	[]string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity

^{^{↩ Parent}}

Group of inter-pod affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity

^{^{↩ Parent}}

Group of inter-pod anti-affinity scheduling rules.

Name	Type	Description	Required
preferredDuringSchedulingIgnoredDuringExecution	[]object		false
requiredDuringSchedulingIgnoredDuringExecution	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Description	Required
podAffinityTerm	object		false
weight	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

^{^{↩ Parent}}

Name	Type	Required
labelSelector	object	false
namespaces	[]string	false
topologyKey	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.containerSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
allowPrivilegeEscalation	boolean		false
capabilities	object		false
privileged	boolean		false
procMount	string		false
readOnlyRootFilesystem	boolean		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.containerSecurityContext.capabilities

^{^{↩ Parent}}

Name	Type	Description	Required
add	[]string		false
drop	[]string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.containerSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.containerSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.containerSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index]

^{^{↩ Parent}}

Name	Type	Required
name	string	false
value	string	false
valueFrom	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom

^{^{↩ Parent}}

Name	Type	Required
configMapKeyRef	object	false
fieldRef	object	false
resourceFieldRef	object	false
secretKeyRef	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.fieldRef

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string		false
fieldPath	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef

^{^{↩ Parent}}

Name	Type	Required
containerName	string	false
divisor	object	false
resource	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.resourceFieldRef.divisor

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.secretKeyRef

^{^{↩ Parent}}

Name	Type	Required
key	string	false
localObjectReference	object	false
optional	boolean	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec

^{^{↩ Parent}}

Name	Type	Description	Required
maxReplicas	integer	Format: int32	false
metrics	[]object		false
minReplicas	integer	Format: int32	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index]

^{^{↩ Parent}}

Name	Type	Required
external	object	false
object	object	false
pods	object	false
resource	object	false
type	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].external

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
metricSelector	object	false
targetAverageValue	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].external.metricSelector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].external.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].external.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object

^{^{↩ Parent}}

Name	Type	Required
averageValue	object	false
metricName	string	false
selector	object	false
target	object	false
targetValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object.target

^{^{↩ Parent}}

Name	Type	Required
apiVersion	string	false
kind	string	false
name	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].object.targetValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].pods

^{^{↩ Parent}}

Name	Type	Required
metricName	string	false
selector	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector

^{^{↩ Parent}}

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements.	false
matchLabels	map[string]string	matchLabels is a map of &#007B;key,value&#007B; pairs.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].pods.selector.matchExpressions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	false
operator	string	operator represents a key's relationship to a set of values.	false
values	[]string	values is an array of string values.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].pods.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource

^{^{↩ Parent}}

Name	Type	Required
name	string	false
target	object	false
targetAverageUtilization	object	false
targetAverageValue	object	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource.target

^{^{↩ Parent}}

Name	Type	Description	Required
averageUtilization	integer	Format: int32	false
averageValue	object		false
type	string		false
value	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.averageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource.target.value

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageUtilization

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.hpaSpec.metrics[index].resource.targetAverageValue

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.podSecurityContext

^{^{↩ Parent}}

Name	Type	Description	Required
fsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
fsGroupChangePolicy	string		false
runAsGroup	integer	Minimum: 0 Maximum: 4.294967295e+09	false
runAsNonRoot	boolean		false
runAsUser	integer	Minimum: 0 Maximum: 4.294967295e+09	false
seLinuxOptions	object		false
seccompProfile	object		false
supplementalGroups	[]integer		false
sysctls	[]object		false
windowsOptions	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.podSecurityContext.seLinuxOptions

^{^{↩ Parent}}

Name	Type	Required
level	string	false
role	string	false
type	string	false
user	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.podSecurityContext.seccompProfile

^{^{↩ Parent}}

Name	Type	Description	Required
localhostProfile	string		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.podSecurityContext.sysctls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
value	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.podSecurityContext.windowsOptions

^{^{↩ Parent}}

Name	Type	Required
gmsaCredentialSpec	string	false
gmsaCredentialSpecName	string	false
runAsUserName	string	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.resources

^{^{↩ Parent}}

Name	Type	Description	Required
limits	map[string]string		false
requests	map[string]string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.strategy

^{^{↩ Parent}}

The deployment strategy to use to replace existing pods with new ones.

Name	Type	Description	Required
rollingUpdate	object		false
type	string		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.strategy.rollingUpdate

^{^{↩ Parent}}

Name	Type	Description	Required
maxSurge	object		false
maxUnavailable	object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.strategy.rollingUpdate.maxSurge

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.strategy.rollingUpdate.maxUnavailable

^{^{↩ Parent}}

Name	Type	Description	Required
intVal	integer	Minimum: -2.147483648e+09 Maximum: 2.147483647e+09	false
strVal	string		false
type	integer	Format: int64	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.deployment.tolerations[index]

^{^{↩ Parent}}

Name	Type	Description	Required
effect	string	Effect indicates the taint effect to match.	false
key	string	Key is the taint key that the toleration applies to.	false
operator	string	Operator represents a key's relationship to the value.	false
tolerationSeconds	integer	Format: int64	false
value	string	Value is the taint value the toleration matches to.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.overlays[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	Resource API version.	false
kind	string	Resource kind.	false
name	string	Name of resource.	false
patches	[]object	List of patches to apply to resource.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.overlays[index].patches[index]

^{^{↩ Parent}}

Name	Type	Description	Required
path	string		false
value	object	Value to add, delete or replace.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.service

^{^{↩ Parent}}

Name	Type	Description	Required
annotations	map[string]string	Pod annotations are an unstructured key value map stored with the service.	false
labels	map[string]string	Labels are an unstructured key value map stored with the deployment.	false
ports	[]object	The set of ports on which this service is exposed.	false
type	string	Determines how the Service is exposed.	false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.service.ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.serviceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
imagePullSecrets	[]object		false

Cluster.spec.installTemplate.helm.spec.components.xcp.kubeSpec.serviceAccount.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.imagePullSecrets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name of the referent.	false

Cluster.spec.installTemplate.helm.spec.managementPlane

^{^{↩ Parent}}

Configure the management plane to retrieve configuration from.

Name	Type	Description	Required
clusterName	string		false
host	string	Management plane host address (can be hostname or IPv4/IPv6 address).	false
port	integer	Port management plane is listening on. Format: int32	false
selfSigned	boolean	Management plane uses a self signed or private TLS certificate.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion

^{^{↩ Parent}}

Configure mesh expansion to connect workloads external to Kubernetes to the mesh.

Name	Type	Description	Required
customGateway	object	A custom mesh expansion gateway.	false
onboarding	object	Configuration of the `Workload Onboarding Plane`.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.customGateway

^{^{↩ Parent}}

A custom mesh expansion gateway.

Name

Type

Description

Required

host

string

Mesh expansion gateway host address (can be hostname or IP address).

false

port

integer

Port mesh expansion gateway is listening on.

Format: int32

false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding

^{^{↩ Parent}}

Configuration of the Workload Onboarding Plane.

Name	Type	Description	Required
endpoint	object		false
localRepository	object		false
tokenIssuer	object	Configuration of the built-in `Workload Onboarding Token Issuer`.	false
uid	string	Unique identifier of this particular installation of the `Workload Onboarding Plane`.	false
workloads	object	Configuration of the workload handling.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.endpoint

^{^{↩ Parent}}

Name	Type	Description	Required
hosts	[]string	List of hosts included in the TLS certificate.	false
secretName	string	Name of the secret that holds TLS certificate chain and private key.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.tokenIssuer

^{^{↩ Parent}}

Configuration of the built-in Workload Onboarding Token Issuer.

Name	Type	Description	Required
jwt	object	Configuration of the built-in JWT Token Issuer.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.tokenIssuer.jwt

^{^{↩ Parent}}

Configuration of the built-in JWT Token Issuer.

Name	Type	Description	Required
expiration	string	Expiration is the duration issued tokens are valid for.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads

^{^{↩ Parent}}

Configuration of the workload handling.

Name	Type	Description	Required
authentication	object	Workload authentication configuration.	false
deregistration	object	Workload deregistration configuration.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.authentication

^{^{↩ Parent}}

Workload authentication configuration.

Name	Type	Description	Required
jwt	object	JWT authentication configuration.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.authentication.jwt

^{^{↩ Parent}}

JWT authentication configuration.

Name	Type	Description	Required
issuers	[]object	List of permitted JWT issuers.	false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.authentication.jwt.issuers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
issuer	string	JWT `Issuer` identifier.	false
jwks	string	Inlined JSON Web Key Set document.	false
jwksUri	string	URL of the JSON Web Key Set document.	false
shortName	string	Unique short name associated with the issuer.	false
tokenFields	object		false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.authentication.jwt.issuers[index].tokenFields

^{^{↩ Parent}}

Name	Type	Description	Required
attributes	object		false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.authentication.jwt.issuers[index].tokenFields.attributes

^{^{↩ Parent}}

Name	Type	Description	Required
jsonPath	string		false

Cluster.spec.installTemplate.helm.spec.meshExpansion.onboarding.workloads.deregistration

^{^{↩ Parent}}

Workload deregistration configuration.

Name	Type	Description	Required
propagationDelay	string		false

Cluster.spec.installTemplate.helm.spec.meshObservability

^{^{↩ Parent}}

Name	Type	Description	Required
demoSettings	object		false
settings	object		false

Cluster.spec.installTemplate.helm.spec.meshObservability.demoSettings

^{^{↩ Parent}}

Name	Type	Description	Required
apiEndpointMetricsEnabled	boolean	Toggle to process, analyze, and generate api endpoints RED metrics.	false

Cluster.spec.installTemplate.helm.spec.meshObservability.settings

^{^{↩ Parent}}

Name	Type	Description	Required
apiEndpointMetricsEnabled	boolean	Toggle to process, analyze, and generate api endpoints RED metrics.	false

Cluster.spec.installTemplate.helm.spec.providerSettings

^{^{↩ Parent}}

Configures Kubernetes provider specific settings.

Name	Type	Description	Required
eks	object	Settings specific to EKS.	false
route53	object	Settings specific to Route53.	false

Cluster.spec.installTemplate.helm.spec.providerSettings.eks

^{^{↩ Parent}}

Settings specific to EKS.

Name	Type	Description	Required
useNlbByDefault	boolean		false

Cluster.spec.installTemplate.helm.spec.providerSettings.route53

^{^{↩ Parent}}

Settings specific to Route53.

Name	Type	Description	Required
domainFilter	[]string	List of domains to limit possible target zones by a domain suffix.	false
evaluateTargetHealth	boolean	Control whether to evaluate the health of a DNS target.	false
filterSettings	object	Filter target settings.	false
interval	string	Duration of interval between individual synchronizations.	false
namespaceSelector	object	Specifies the namespace to watch.	false
policy	enum	Specifies the policy to use when managing DNS records. Enum: SYNC, UPSERT_ONLY, CREATE_ONLY	false
serviceAccountName	string	Service account name to use for IAM role.	false
ttl	integer	Default TTL (in seconds) value for DNS records. Format: int64	false

Cluster.spec.installTemplate.helm.spec.providerSettings.route53.filterSettings

^{^{↩ Parent}}

Filter target settings.

Name	Type	Description	Required
annotationFilter	string	Filter out (remove) targets that matches annotation using label selector semantics.	false
excludeDomain	[]string	Exclude subdomains.	false
labelFilter	string	Filter out (remove) targets that matches label selector.	false
zoneIdFilter	[]string	When using the AWS provider, filter for zones with this ID.	false
zoneTagFilter	[]string	When using the AWS provider, filter for zones with this tag.	false
zoneType	enum	Filter out (removes) zones of this type. Enum: NONE, PUBLIC, PRIVATE	false

Cluster.spec.installTemplate.helm.spec.providerSettings.route53.namespaceSelector

^{^{↩ Parent}}

Specifies the namespace to watch.

Name	Type	Description	Required
ignoreNamespaces	string	Comma separated list of namespaces to ignore when watching for DNS endpoints.	false
namespace	string	Specifies the namespace to watch for resources.	false

Cluster.spec.installTemplate.helm.spec.telemetryStore

^{^{↩ Parent}}

Configure the store that TSB will use to persist application telemetry data.

Name	Type	Description	Required
elastic	object		false

Cluster.spec.installTemplate.helm.spec.telemetryStore.elastic

^{^{↩ Parent}}

Name	Type	Description	Required
host	string	Elasticsearch host address (can be hostname or IP address).	false
port	integer	Port Elasticsearch is listening on. Format: int32	false
protocol	enum	Protocol to communicate with Elasticsearch, defaults to https. Enum: https, http	false
selfSigned	boolean	Use Self-Signed certificates.	false
version	integer	DEPRECATED: Major version of the Elasticsearch cluster. Format: int32	false

Cluster.spec.locality

^{^{↩ Parent}}

Deprecated.

Name	Type	Description	Required
region	string	The geographic location of the cluster.	false

Cluster.spec.namespaceScope

^{^{↩ Parent}}

Configure the default scoping of namespaces in this cluster.

Name	Type	Description	Required
exceptions	[]string	Namespaces to be excluded form the default scope.	false
scope	enum	Enum: GLOBAL, LOCAL	false

Cluster.spec.namespaces[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
services	[]object		false

Cluster.spec.namespaces[index].services[index]

^{^{↩ Parent}}

Name	Type	Description	Required
canonicalName	string		false
gatewayHost	boolean		false
hostname	string	The hostname by which this service is accessed.	false
kubernetesExternalAddresses	[]string		false
kubernetesServiceFqdn	string		false
kubernetesServiceIp	string		false
meshExternal	boolean		false
name	string		false
namespace	string	namespace associated with the service.	false
numHops	integer	Minimum: 0 Maximum: 4.294967295e+09	false
numKubernetesEndpoints	integer	The number of kubernetes pods providing this service. Minimum: 0 Maximum: 4.294967295e+09	false
numVmEndpoints	integer	The number of VMs providing this service. Minimum: 0 Maximum: 4.294967295e+09	false
ports	[]object	The set of ports on which this service is exposed.	false
selector	map[string]string	label selectors associated with the service.	false
spiffeIds	[]string	List of SPIFFE identities used by the workloads of the service.	false
subsets	[]string		false
tier1GatewayHost	boolean		false
workloads	[]object	Workloads implementing the Service.	false

Cluster.spec.namespaces[index].services[index].ports[index]

^{^{↩ Parent}}

Name

Type

Description

Required

kubernetesNodePort

integer

Minimum: 0
Maximum: 4.294967295e+09

false

name

string

Name assigned to the port.

false

number

integer

A valid non-negative integer port number.

Minimum: 0
Maximum: 4.294967295e+09

false

Cluster.spec.namespaces[index].services[index].workloads[index]

^{^{↩ Parent}}

Name	Type	Description	Required
address	string	Routable address of the workload.	false
isVm	boolean	Indicates whether the workload is kubernetes endpoint or vm.	false
name	string	Instance name of the workload.	false
proxy	object	Proxy details.	false

Cluster.spec.namespaces[index].services[index].workloads[index].proxy

^{^{↩ Parent}}

Proxy details.

Name	Type	Description	Required
controlPlaneAddress	string		false
envoyVersion	string	Envoy version of the proxy.	false
istioVersion	string	Istio version of the proxy.	false
status	map[string]string	Sync status for each xDS component.	false

Cluster.spec.serviceAccount

^{^{↩ Parent}}

The service account created with permissions to manage the current cluster.

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
keys	[]object	Keys associated with the service account.	false

Cluster.spec.serviceAccount.keys[index]

^{^{↩ Parent}}

Name	Type	Description	Required
defaultToken	string		false
encoding	enum	Format in which the public and private keys are encoded. Enum: PEM, JWK	false
id	string	Unique identifier for this key-pair.	false
privateKey	string	The encoded private key associated with the service account.	false
publicKey	string	The encoded public key associated with the service account.	false

Cluster.spec.state

^{^{↩ Parent}}

Name	Type	Description	Required
discoveredLocality	object		false
istioVersions	[]string	This shows currently running istio versions in the cluster.	false
lastSyncTime	string	Format: date-time	false
provider	string	cluster provider.	false
tsbCpVersion	string		false
xcpVersion	string		false

Cluster.spec.state.discoveredLocality

^{^{↩ Parent}}

Name	Type	Description	Required
region	string	The geographic location of the cluster.	false

Organization

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	Organization	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`Organization` is the root of the Service Bridge object hierarchy.	false
status	object		false

Organization.spec

^{^{↩ Parent}}

Organization is the root of the Service Bridge object hierarchy.

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

Organization.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

OrganizationSetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	OrganizationSetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	Settings that apply globally to the entire organization.	false
status	object		false

OrganizationSetting.spec

^{^{↩ Parent}}

Settings that apply globally to the entire organization.

Name	Type	Description	Required
defaultSecuritySetting	object	Security settings for all proxy workloads in this organization.	false
defaultTrafficSetting	object	Traffic settings for all proxy workloads in this organization.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
networkSettings	object	Reachability between clusters on various networks.	false
regionalFailover	[]object	Default locality routing settings for all gateways.	false

OrganizationSetting.spec.defaultSecuritySetting

^{^{↩ Parent}}

Security settings for all proxy workloads in this organization.

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

OrganizationSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

OrganizationSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

OrganizationSetting.spec.defaultSecuritySetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

OrganizationSetting.spec.defaultSecuritySetting.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

OrganizationSetting.spec.defaultSecuritySetting.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

OrganizationSetting.spec.defaultSecuritySetting.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

OrganizationSetting.spec.defaultSecuritySetting.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

OrganizationSetting.spec.defaultTrafficSetting

^{^{↩ Parent}}

Traffic settings for all proxy workloads in this organization.

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
egress	object		false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rateLimiting	object	Configuration for rate limiting requests.	false
reachability	object		false
resilience	object		false

OrganizationSetting.spec.defaultTrafficSetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

OrganizationSetting.spec.defaultTrafficSetting.egress

^{^{↩ Parent}}

Name

Type

Description

Required

host

string

Specifies the egress gateway hostname.

false

port

integer

Deprecated.

Format: int32

false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

OrganizationSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

OrganizationSetting.spec.defaultTrafficSetting.reachability

^{^{↩ Parent}}

Name

Type

Description

Required

hosts

[]string

false

mode

enum

A short cut for specifying the set of services accessed by the workload.

Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, CUSTOM

false

OrganizationSetting.spec.defaultTrafficSetting.resilience

^{^{↩ Parent}}

Name	Type	Description	Required
circuitBreakerSensitivity	enum	Enum: UNSET, LOW, MEDIUM, HIGH	false
httpRequestTimeout	string	Timeout for HTTP requests.	false
httpRetries	object	Retry policy for HTTP requests.	false
keepAlive	object	Keep Alive Settings.	false
tcpKeepalive	boolean	Deprecated.	false

OrganizationSetting.spec.defaultTrafficSetting.resilience.httpRetries

^{^{↩ Parent}}

Retry policy for HTTP requests.

Name

Type

Description

Required

attempts

integer

Number of retries for a given request.

Format: int32

false

perTryTimeout

string

Timeout per retry attempt for a given request.

false

retryOn

string

Specifies the conditions under which retry takes place.

false

OrganizationSetting.spec.defaultTrafficSetting.resilience.keepAlive

^{^{↩ Parent}}

Keep Alive Settings.

Name	Type	Description	Required
tcp	object	TCP Keep Alive settings associated with the upstream and downstream TCP connections.	false

OrganizationSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp

^{^{↩ Parent}}

TCP Keep Alive settings associated with the upstream and downstream TCP connections.

Name	Type	Description	Required
downstream	object	TCP Keep Alive Settings associated with the downstream (client) connection.	false
upstream	object	TCP Keep Alive Settings associated with the upstream (backend) connection.	false

OrganizationSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.downstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the downstream (client) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

OrganizationSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.upstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the upstream (backend) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

OrganizationSetting.spec.networkSettings

^{^{↩ Parent}}

Reachability between clusters on various networks.

Name	Type	Description	Required
networkReachability	map[string]string	Reachability between clusters on various networks.	false

OrganizationSetting.spec.regionalFailover[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	string	Originating region.	false
to	string		false

ServiceAccount

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	ServiceAccount	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`ServiceAccount` represents a service account that can be used to access the TSB platform.	false
status	object		false

ServiceAccount.spec

^{^{↩ Parent}}

ServiceAccount represents a service account that can be used to access the TSB platform.

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
keys	[]object	Keys associated with the service account.	false

ServiceAccount.spec.keys[index]

^{^{↩ Parent}}

Name	Type	Description	Required
defaultToken	string		false
encoding	enum	Format in which the public and private keys are encoded. Enum: PEM, JWK	false
id	string	Unique identifier for this key-pair.	false
privateKey	string	The encoded private key associated with the service account.	false
publicKey	string	The encoded public key associated with the service account.	false

Team

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	Team	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`Team` is a named collection of users under a tenant.	false
status	object		false

Team.spec

^{^{↩ Parent}}

Team is a named collection of users under a tenant.

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
members	[]string	List of members under the team.	false
sourceType	enum	Where the team comes from. Enum: INVALID, LDAP, LOCAL, AZURE, MANUAL	false

Tenant

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	Tenant	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.	false
status	object		false

Tenant.spec

^{^{↩ Parent}}

Tenant is a self-contained entity within an organization in the Service Bridge hierarchy.

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
securityDomain	string	Security domains can be used to group different resources under the same security domain.	false

Tenant.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

TenantSetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	TenantSetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	Default settings that apply to all workspaces under a tenant.	false
status	object		false

TenantSetting.spec

^{^{↩ Parent}}

Default settings that apply to all workspaces under a tenant.

Name	Type	Description	Required
defaultSecuritySetting	object	Security settings for all proxy workloads in this tenant.	false
defaultTrafficSetting	object	Traffic settings for all proxy workloads in this tenant.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

TenantSetting.spec.defaultSecuritySetting

^{^{↩ Parent}}

Security settings for all proxy workloads in this tenant.

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

TenantSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

TenantSetting.spec.defaultSecuritySetting.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

TenantSetting.spec.defaultSecuritySetting.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

TenantSetting.spec.defaultSecuritySetting.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

TenantSetting.spec.defaultSecuritySetting.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

TenantSetting.spec.defaultSecuritySetting.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

TenantSetting.spec.defaultSecuritySetting.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

TenantSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

TenantSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

TenantSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

TenantSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

TenantSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

TenantSetting.spec.defaultSecuritySetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

TenantSetting.spec.defaultSecuritySetting.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

TenantSetting.spec.defaultSecuritySetting.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

TenantSetting.spec.defaultSecuritySetting.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

TenantSetting.spec.defaultSecuritySetting.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

TenantSetting.spec.defaultTrafficSetting

^{^{↩ Parent}}

Traffic settings for all proxy workloads in this tenant.

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
egress	object		false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rateLimiting	object	Configuration for rate limiting requests.	false
reachability	object		false
resilience	object		false

TenantSetting.spec.defaultTrafficSetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

TenantSetting.spec.defaultTrafficSetting.egress

^{^{↩ Parent}}

Name

Type

Description

Required

host

string

Specifies the egress gateway hostname.

false

port

integer

Deprecated.

Format: int32

false

TenantSetting.spec.defaultTrafficSetting.rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

TenantSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

TenantSetting.spec.defaultTrafficSetting.reachability

^{^{↩ Parent}}

Name

Type

Description

Required

hosts

[]string

false

mode

enum

A short cut for specifying the set of services accessed by the workload.

Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, CUSTOM

false

TenantSetting.spec.defaultTrafficSetting.resilience

^{^{↩ Parent}}

Name	Type	Description	Required
circuitBreakerSensitivity	enum	Enum: UNSET, LOW, MEDIUM, HIGH	false
httpRequestTimeout	string	Timeout for HTTP requests.	false
httpRetries	object	Retry policy for HTTP requests.	false
keepAlive	object	Keep Alive Settings.	false
tcpKeepalive	boolean	Deprecated.	false

TenantSetting.spec.defaultTrafficSetting.resilience.httpRetries

^{^{↩ Parent}}

Retry policy for HTTP requests.

Name

Type

Description

Required

attempts

integer

Number of retries for a given request.

Format: int32

false

perTryTimeout

string

Timeout per retry attempt for a given request.

false

retryOn

string

Specifies the conditions under which retry takes place.

false

TenantSetting.spec.defaultTrafficSetting.resilience.keepAlive

^{^{↩ Parent}}

Keep Alive Settings.

Name	Type	Description	Required
tcp	object	TCP Keep Alive settings associated with the upstream and downstream TCP connections.	false

TenantSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp

^{^{↩ Parent}}

TCP Keep Alive settings associated with the upstream and downstream TCP connections.

Name	Type	Description	Required
downstream	object	TCP Keep Alive Settings associated with the downstream (client) connection.	false
upstream	object	TCP Keep Alive Settings associated with the upstream (backend) connection.	false

TenantSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.downstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the downstream (client) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

TenantSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.upstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the upstream (backend) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

Workspace

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	Workspace	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	A Workspace is a collection of related namespaces in one or more clusters.	false
status	object		false

Workspace.spec

^{^{↩ Parent}}

A Workspace is a collection of related namespaces in one or more clusters.

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
isolationBoundary	string	Istio Isolation Boundary name to which this workspace belongs.	false
namespaceSelector	object	Set of namespaces owned exclusively by this workspace.	false
privileged	boolean		false
securityDomain	string	Security domains can be used to group different resources under the same security domain.	false

Workspace.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Workspace.spec.namespaceSelector

^{^{↩ Parent}}

Set of namespaces owned exclusively by this workspace.

Name	Type	Description	Required
names	[]string		false

WorkspaceSetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	tsb.tetrate.io/v2	true
kind	string	WorkspaceSetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	Default security and traffic settings for all proxy workloads in the workspace.	false
status	object		false

WorkspaceSetting.spec

^{^{↩ Parent}}

Default security and traffic settings for all proxy workloads in the workspace.

Name	Type	Description	Required
defaultEastWestGatewaySettings	[]object	Default east west gateway settings specifies workspace-wide east-west gateway configuration.	false
defaultSecuritySetting	object	Security settings for all proxy workloads in this workspace.	false
defaultTrafficSetting	object	Traffic settings for all proxy workloads in this workspace.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
hostsReachability	object	Hosts reachability defines the list of hostnames that this workspace can reach.	false
regionalFailover	[]object	Locality routing settings for all gateways in the workspace.	false

WorkspaceSetting.spec.defaultEastWestGatewaySettings[index]

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
exposedServices	[]object		false
workloadSelector	object		false

WorkspaceSetting.spec.defaultEastWestGatewaySettings[index].configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

WorkspaceSetting.spec.defaultEastWestGatewaySettings[index].exposedServices[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceLabels	map[string]string		false

WorkspaceSetting.spec.defaultEastWestGatewaySettings[index].workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

WorkspaceSetting.spec.defaultSecuritySetting

^{^{↩ Parent}}

Security settings for all proxy workloads in this workspace.

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

WorkspaceSetting.spec.defaultSecuritySetting.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

WorkspaceSetting.spec.defaultSecuritySetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

WorkspaceSetting.spec.defaultSecuritySetting.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

WorkspaceSetting.spec.defaultSecuritySetting.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

WorkspaceSetting.spec.defaultSecuritySetting.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

WorkspaceSetting.spec.defaultSecuritySetting.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

WorkspaceSetting.spec.defaultTrafficSetting

^{^{↩ Parent}}

Traffic settings for all proxy workloads in this workspace.

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
egress	object		false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rateLimiting	object	Configuration for rate limiting requests.	false
reachability	object		false
resilience	object		false

WorkspaceSetting.spec.defaultTrafficSetting.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

WorkspaceSetting.spec.defaultTrafficSetting.egress

^{^{↩ Parent}}

Name

Type

Description

Required

host

string

Specifies the egress gateway hostname.

false

port

integer

Deprecated.

Format: int32

false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

WorkspaceSetting.spec.defaultTrafficSetting.rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

WorkspaceSetting.spec.defaultTrafficSetting.reachability

^{^{↩ Parent}}

Name

Type

Description

Required

hosts

[]string

false

mode

enum

A short cut for specifying the set of services accessed by the workload.

Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, CUSTOM

false

WorkspaceSetting.spec.defaultTrafficSetting.resilience

^{^{↩ Parent}}

Name	Type	Description	Required
circuitBreakerSensitivity	enum	Enum: UNSET, LOW, MEDIUM, HIGH	false
httpRequestTimeout	string	Timeout for HTTP requests.	false
httpRetries	object	Retry policy for HTTP requests.	false
keepAlive	object	Keep Alive Settings.	false
tcpKeepalive	boolean	Deprecated.	false

WorkspaceSetting.spec.defaultTrafficSetting.resilience.httpRetries

^{^{↩ Parent}}

Retry policy for HTTP requests.

Name

Type

Description

Required

attempts

integer

Number of retries for a given request.

Format: int32

false

perTryTimeout

string

Timeout per retry attempt for a given request.

false

retryOn

string

Specifies the conditions under which retry takes place.

false

WorkspaceSetting.spec.defaultTrafficSetting.resilience.keepAlive

^{^{↩ Parent}}

Keep Alive Settings.

Name	Type	Description	Required
tcp	object	TCP Keep Alive settings associated with the upstream and downstream TCP connections.	false

WorkspaceSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp

^{^{↩ Parent}}

TCP Keep Alive settings associated with the upstream and downstream TCP connections.

Name	Type	Description	Required
downstream	object	TCP Keep Alive Settings associated with the downstream (client) connection.	false
upstream	object	TCP Keep Alive Settings associated with the upstream (backend) connection.	false

WorkspaceSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.downstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the downstream (client) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

WorkspaceSetting.spec.defaultTrafficSetting.resilience.keepAlive.tcp.upstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the upstream (backend) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

WorkspaceSetting.spec.hostsReachability

^{^{↩ Parent}}

Hosts reachability defines the list of hostnames that this workspace can reach.

Name	Type	Description	Required
hostnames	[]object	The Gateway hostname that can be one of the following.	false

WorkspaceSetting.spec.hostsReachability.hostnames[index]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

WorkspaceSetting.spec.regionalFailover[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	string	Originating region.	false
to	string		false

application.tsb.tetrate.io/v2

Resource Types:

API
Application

API

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	application.tsb.tetrate.io/v2	true
kind	string	API	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	An API configuring a set of servers and endpoints that expose the Application business logic.	false
status	object		false

API.spec

^{^{↩ Parent}}

An API configuring a set of servers and endpoints that expose the Application business logic.

Name	Type	Description	Required
configResources	[]object	The configuration resources that are related to this API object.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
endpoints	[]object	List of endpoints exposed by this API.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
httpServers	[]object	List of gateways servers that expose the API.	false
openapi	string	The raw OpenAPI spec for this API.	false
servers	[]object	DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.	false
workloadSelector	object		false

API.spec.configResources[index]

^{^{↩ Parent}}

Name	Type	Description	Required
exclusivelyOwned	boolean		false
expectedEtag	string		false
fqn	string	The FQN of the resource this status is computed for.	false

API.spec.endpoints[index]

^{^{↩ Parent}}

Name	Type	Description	Required
exposedBy	object	The exposer of this endpoint.	false
hostnames	[]string	The list of hostnames where this endpoint is exposed.	false
methods	[]string	The list of HTTP methods this endpoint supports.	false
path	string	The HTTP path of the endpoint, relative to the hostnames exposed by the API.	false
service	string	DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.	false

API.spec.endpoints[index].exposedBy

^{^{↩ Parent}}

The exposer of this endpoint.

Name	Type	Description	Required
clusterGroup	object	The clusters that are exposing a concrete endpoint.	false
service	string	The FQN of the service in the service registry that is exposing a concrete endpoint.	false

API.spec.endpoints[index].exposedBy.clusterGroup

^{^{↩ Parent}}

The clusters that are exposing a concrete endpoint.

Name	Type	Description	Required
clusters	[]object	The clusters that contain gateways exposing the HTTPEndpoint.	false

API.spec.endpoints[index].exposedBy.clusterGroup.clusters[index]

^{^{↩ Parent}}

Name

Type

Description

Required

labels

map[string]string

Labels associated with the cluster.

false

name

string

The name of the cluster exposing the endpoint.

false

weight

integer

The weight for traffic to a cluster exposing the endpoint.

Minimum: 0
Maximum: 4.294967295e+09

false

API.spec.httpServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object		false
authorization	object	Authorization is used to configure authorization of end users.	false
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed at the gateway workload(pod). Minimum: 0 Maximum: 4.294967295e+09	false
rateLimiting	object	Configuration for rate limiting requests.	false
routing	object	Routing rules associated with HTTP traffic to this server.	false
tls	object	TLS certificate info.	false
transit	boolean	If set to true, the server is configured to be exposed within the mesh.	false

API.spec.httpServers[index].authentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

API.spec.httpServers[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

API.spec.httpServers[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

API.spec.httpServers[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

API.spec.httpServers[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

API.spec.httpServers[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

API.spec.httpServers[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

API.spec.httpServers[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

API.spec.httpServers[index].authorization

^{^{↩ Parent}}

Authorization is used to configure authorization of end users.

Name	Type	Description	Required
external	object		false
local	object		false

API.spec.httpServers[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

API.spec.httpServers[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

API.spec.httpServers[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

API.spec.httpServers[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

API.spec.httpServers[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

API.spec.httpServers[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

API.spec.httpServers[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

API.spec.httpServers[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

API.spec.httpServers[index].rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

API.spec.httpServers[index].rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

API.spec.httpServers[index].rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

API.spec.httpServers[index].rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

API.spec.httpServers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

API.spec.httpServers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.httpServers[index].rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

API.spec.httpServers[index].rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

API.spec.httpServers[index].rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

API.spec.httpServers[index].rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

API.spec.httpServers[index].rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

API.spec.httpServers[index].routing

^{^{↩ Parent}}

Routing rules associated with HTTP traffic to this server.

Name	Type	Description	Required
corsPolicy	object	Cross origin resource request policy settings for all routes.	false
rules	[]object	HTTP routes.	false

API.spec.httpServers[index].routing.corsPolicy

^{^{↩ Parent}}

Cross origin resource request policy settings for all routes.

Name	Type	Description	Required
allowCredentials	boolean		false
allowHeaders	[]string	List of HTTP headers that can be used when requesting the resource.	false
allowMethods	[]string	List of HTTP methods allowed to access the resource.	false
allowOrigin	[]string	The list of origins that are allowed to perform CORS requests.	false
exposeHeaders	[]string	A white list of HTTP headers that the browsers are allowed to access.	false
maxAge	string	Specifies how long the results of a preflight request can be cached.	false

API.spec.httpServers[index].routing.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
disableExternalAuthorization	boolean		false
match	[]object	One or more match conditions (OR-ed).	false
modify	object	One or more mutations to be performed before forwarding.	false
redirect	object	Redirect the request to a different host or URL or both.	false
route	object	Forward the request to the specified destination(s).	false

API.spec.httpServers[index].routing.rules[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
headers	map[string]object	The header keys must be lowercase and use hyphen as the separator, e.g.	false
uri	object	URI to match.	false

API.spec.httpServers[index].routing.rules[index].match[index].headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.httpServers[index].routing.rules[index].match[index].uri

^{^{↩ Parent}}

URI to match.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.httpServers[index].routing.rules[index].modify

^{^{↩ Parent}}

One or more mutations to be performed before forwarding.

Name	Type	Description	Required
headers	object	Add/remove/overwrite one or more HTTP headers in a request or response.	false
rewrite	object	Rewrite the HTTP Host or URL or both.	false

API.spec.httpServers[index].routing.rules[index].modify.headers

^{^{↩ Parent}}

Add/remove/overwrite one or more HTTP headers in a request or response.

Name	Type	Description	Required
request	object	Header manipulation rules to apply before forwarding a request to the destination service.	false
response	object	Header manipulation rules to apply before returning a response to the caller.	false

API.spec.httpServers[index].routing.rules[index].modify.headers.request

^{^{↩ Parent}}

Header manipulation rules to apply before forwarding a request to the destination service.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

API.spec.httpServers[index].routing.rules[index].modify.headers.response

^{^{↩ Parent}}

Header manipulation rules to apply before returning a response to the caller.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

API.spec.httpServers[index].routing.rules[index].modify.rewrite

^{^{↩ Parent}}

Rewrite the HTTP Host or URL or both.

Name	Type	Description	Required
authority	string	Rewrite the Authority/Host header with this value.	false
uri	string	Rewrite the path (or the prefix) portion of the URI with this value.	false

API.spec.httpServers[index].routing.rules[index].redirect

^{^{↩ Parent}}

Redirect the request to a different host or URL or both.

Name	Type	Description	Required
authority	string	On a redirect, overwrite the Authority/Host portion of the URL with this value.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
redirectCode	integer	Minimum: 0 Maximum: 4.294967295e+09	false
scheme	string	On a redirect, overwrite the scheme with this one.	false
uri	string	On a redirect, overwrite the Path portion of the URL with this value.	false

API.spec.httpServers[index].routing.rules[index].route

^{^{↩ Parent}}

Forward the request to the specified destination(s).

Name	Type	Description	Required
clusterDestination	object		false
serviceDestination	object	RouteToService represents the service running in clusters.	false

API.spec.httpServers[index].routing.rules[index].route.clusterDestination

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters that contain ingress gateways exposing the hostname.	false

API.spec.httpServers[index].routing.rules[index].route.clusterDestination.clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

API.spec.httpServers[index].routing.rules[index].route.serviceDestination

^{^{↩ Parent}}

RouteToService represents the service running in clusters.

Name Type Description Required

host

string

The destination service in &#003C;namespace&#003E;/&#003C;fqdn&#003E;.

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

tls object false

API.spec.httpServers[index].routing.rules[index].route.serviceDestination.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

API.spec.httpServers[index].routing.rules[index].route.serviceDestination.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

API.spec.httpServers[index].tls

^{^{↩ Parent}}

TLS certificate info.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

API.spec.httpServers[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

API.spec.servers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object	Configuration to authenticate clients.	false
authorization	object	Configuration to authorize a request.	false
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
rateLimiting	object	Configuration for rate limiting requests.	false
routing	object	Routing rules associated with HTTP traffic to this service.	false
tls	object	TLS certificate info.	false
xxxOldAuthentication	object		false
xxxOldAuthorization	object		false

API.spec.servers[index].authentication

^{^{↩ Parent}}

Configuration to authenticate clients.

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

API.spec.servers[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

API.spec.servers[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

API.spec.servers[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

API.spec.servers[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

API.spec.servers[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

API.spec.servers[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

API.spec.servers[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

API.spec.servers[index].authorization

^{^{↩ Parent}}

Configuration to authorize a request.

Name	Type	Description	Required
external	object		false
local	object		false

API.spec.servers[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

API.spec.servers[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

API.spec.servers[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

API.spec.servers[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

API.spec.servers[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

API.spec.servers[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

API.spec.servers[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

API.spec.servers[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

API.spec.servers[index].rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

API.spec.servers[index].rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

API.spec.servers[index].rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

API.spec.servers[index].rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

API.spec.servers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

API.spec.servers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.servers[index].rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

API.spec.servers[index].rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

API.spec.servers[index].rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

API.spec.servers[index].rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

API.spec.servers[index].rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

API.spec.servers[index].rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

API.spec.servers[index].rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

API.spec.servers[index].rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.servers[index].rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

API.spec.servers[index].rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

API.spec.servers[index].routing

^{^{↩ Parent}}

Routing rules associated with HTTP traffic to this service.

Name	Type	Description	Required
corsPolicy	object	Cross origin resource request policy settings for all routes.	false
rules	[]object	HTTP routes.	false

API.spec.servers[index].routing.corsPolicy

^{^{↩ Parent}}

Cross origin resource request policy settings for all routes.

Name	Type	Description	Required
allowCredentials	boolean		false
allowHeaders	[]string	List of HTTP headers that can be used when requesting the resource.	false
allowMethods	[]string	List of HTTP methods allowed to access the resource.	false
allowOrigin	[]string	The list of origins that are allowed to perform CORS requests.	false
exposeHeaders	[]string	A white list of HTTP headers that the browsers are allowed to access.	false
maxAge	string	Specifies how long the results of a preflight request can be cached.	false

API.spec.servers[index].routing.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
match	[]object	One or more match conditions (OR-ed).	false
modify	object	One or more mutations to be performed before forwarding.	false
redirect	object	Redirect the request to a different host or URL or both.	false
route	object	Forward the request to the specified destination(s).	false

API.spec.servers[index].routing.rules[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
headers	map[string]object	The header keys must be lowercase and use hyphen as the separator, e.g.	false
uri	object	URI to match.	false

API.spec.servers[index].routing.rules[index].match[index].headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.servers[index].routing.rules[index].match[index].uri

^{^{↩ Parent}}

URI to match.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

API.spec.servers[index].routing.rules[index].modify

^{^{↩ Parent}}

One or more mutations to be performed before forwarding.

Name	Type	Description	Required
headers	object	Add/remove/overwrite one or more HTTP headers in a request or response.	false
rewrite	object	Rewrite the HTTP Host or URL or both.	false

API.spec.servers[index].routing.rules[index].modify.headers

^{^{↩ Parent}}

Add/remove/overwrite one or more HTTP headers in a request or response.

Name	Type	Description	Required
request	object	Header manipulation rules to apply before forwarding a request to the destination service.	false
response	object	Header manipulation rules to apply before returning a response to the caller.	false

API.spec.servers[index].routing.rules[index].modify.headers.request

^{^{↩ Parent}}

Header manipulation rules to apply before forwarding a request to the destination service.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

API.spec.servers[index].routing.rules[index].modify.headers.response

^{^{↩ Parent}}

Header manipulation rules to apply before returning a response to the caller.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

API.spec.servers[index].routing.rules[index].modify.rewrite

^{^{↩ Parent}}

Rewrite the HTTP Host or URL or both.

Name	Type	Description	Required
authority	string	Rewrite the Authority/Host header with this value.	false
uri	string	Rewrite the path (or the prefix) portion of the URI with this value.	false

API.spec.servers[index].routing.rules[index].redirect

^{^{↩ Parent}}

Redirect the request to a different host or URL or both.

Name	Type	Description	Required
authority	string	On a redirect, overwrite the Authority/Host portion of the URL with this value.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
redirectCode	integer	Minimum: 0 Maximum: 4.294967295e+09	false
scheme	string	On a redirect, overwrite the scheme with this one.	false
uri	string	On a redirect, overwrite the Path portion of the URL with this value.	false

API.spec.servers[index].routing.rules[index].route

^{^{↩ Parent}}

Forward the request to the specified destination(s).

Name

Type

Description

Required

host

string

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

API.spec.servers[index].tls

^{^{↩ Parent}}

TLS certificate info.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

API.spec.servers[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

API.spec.servers[index].xxxOldAuthentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object		false

API.spec.servers[index].xxxOldAuthentication.jwt

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false

API.spec.servers[index].xxxOldAuthorization

^{^{↩ Parent}}

Name	Type	Description	Required
external	object		false
local	object		false

API.spec.servers[index].xxxOldAuthorization.external

^{^{↩ Parent}}

Name	Type	Description	Required
includeRequestHeaders	[]string		false
uri	string		false

API.spec.servers[index].xxxOldAuthorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

API.spec.servers[index].xxxOldAuthorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

API.spec.servers[index].xxxOldAuthorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

API.spec.servers[index].xxxOldAuthorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

API.spec.servers[index].xxxOldAuthorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

API.spec.workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

Application

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	application.tsb.tetrate.io/v2	true
kind	string	Application	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Application.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configResources	[]object	The configuration resources that are related to this Application.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
gatewayGroup	string	Optional FQN of the Gateway Group to be used by the application.	false
namespaceSelector	object	Optional set of namespaces this application can configure.	false
services	[]string	Optional list of services that are part of the application.	false
workspace	string	FQN of the workspace this application is part of.	false

Application.spec.configResources[index]

^{^{↩ Parent}}

Name	Type	Description	Required
exclusivelyOwned	boolean		false
expectedEtag	string		false
fqn	string	The FQN of the resource this status is computed for.	false

Application.spec.namespaceSelector

^{^{↩ Parent}}

Optional set of namespaces this application can configure.

Name	Type	Description	Required
names	[]string		false

extension.tsb.tetrate.io/v2

Resource Types:

WasmExtension

WasmExtension

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	extension.tsb.tetrate.io/v2	true
kind	string	WasmExtension	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

WasmExtension.spec

^{^{↩ Parent}}

Name	Type	Description	Required
allowedIn	[]string	List of fqns where this extension is allowed to run.	false
config	object		false
description	string	A description of the extension.	false
displayName	string	User friendly name for the extension.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
image	string	Deprecated.	false
imagePullPolicy	enum	Enum: UNSPECIFIED_POLICY, IfNotPresent, Always	false
imagePullSecret	string	Credentials to use for OCI image pulling.	false
match	object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false
phase	enum	The phase in the filter chain where the extension will be injected. Enum: UNSPECIFIED_PHASE, AUTHN, AUTHZ, STATS	false
priority	integer	Determines the ordering of WasmExtensions in the same phase. Format: int32	false
source	string		false
url	string	URL of a Wasm module or OCI container.	false
vmConfig	object		false

WasmExtension.spec.match

^{^{↩ Parent}}

Specifies the criteria to determine which traffic is passed to WasmExtension.

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

WasmExtension.spec.vmConfig

^{^{↩ Parent}}

Name	Type	Description	Required
env	[]object	Specifies environment variables to be injected to this VM.	false

WasmExtension.spec.vmConfig.env[index]

^{^{↩ Parent}}

Name

Type

Description

Required

name

string

Name of the environment variable.

false

value

string

Value for the environment variable.

false

valueFrom

enum

Source for the environment variable's value.

Enum: INLINE, HOST

false

gateway.tsb.tetrate.io/v2

Resource Types:

EgressGateway
Gateway
Group
IngressGateway
Tier1Gateway

EgressGateway

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	gateway.tsb.tetrate.io/v2	true
kind	string	EgressGateway	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`EgressGateway` configures a workload to act as an egress gateway in the mesh.	false
status	object		false

EgressGateway.spec

^{^{↩ Parent}}

EgressGateway configures a workload to act as an egress gateway in the mesh.

Name	Type	Description	Required
authorization	[]object	The description of which service accounts can access which hosts.	false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
workloadSelector	object		false

EgressGateway.spec.authorization[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	The workloads or service accounts this authorization rule applies to.	false
to	[]string	The external hostnames the workload(s) described in this rule can access.	false

EgressGateway.spec.authorization[index].from

^{^{↩ Parent}}

The workloads or service accounts this authorization rule applies to.

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

EgressGateway.spec.authorization[index].from.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

EgressGateway.spec.authorization[index].from.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

EgressGateway.spec.authorization[index].from.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

EgressGateway.spec.authorization[index].from.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

EgressGateway.spec.authorization[index].from.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

EgressGateway.spec.authorization[index].from.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

EgressGateway.spec.authorization[index].from.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

EgressGateway.spec.authorization[index].from.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

EgressGateway.spec.authorization[index].from.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

EgressGateway.spec.authorization[index].from.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

EgressGateway.spec.authorization[index].from.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

EgressGateway.spec.authorization[index].from.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

EgressGateway.spec.authorization[index].from.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

EgressGateway.spec.authorization[index].from.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

EgressGateway.spec.authorization[index].from.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

EgressGateway.spec.authorization[index].from.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

EgressGateway.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

EgressGateway.spec.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

EgressGateway.spec.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

EgressGateway.spec.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

EgressGateway.spec.workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

Gateway

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	gateway.tsb.tetrate.io/v2	true
kind	string	Gateway	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Gateway.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
http	[]object	One or more HTTP or HTTPS servers exposed by the gateway.	false
tcp	[]object		false
tls	[]object	One or more TLS servers exposed by the gateway.	false
waf	object	WAF settings to be enabled for traffic passing through the HttpServer.	false
wasmPlugins	[]object		false
workloadSelector	object		false

Gateway.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Gateway.spec.http[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object		false
authorization	object	Authorization is used to configure authorization of end users.	false
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed at the gateway workload(pod). Minimum: 0 Maximum: 4.294967295e+09	false
rateLimiting	object	Configuration for rate limiting requests.	false
routing	object	Routing rules associated with HTTP traffic to this server.	false
tls	object	TLS certificate info.	false
transit	boolean	If set to true, the server is configured to be exposed within the mesh.	false

Gateway.spec.http[index].authentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

Gateway.spec.http[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Gateway.spec.http[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Gateway.spec.http[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Gateway.spec.http[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

Gateway.spec.http[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Gateway.spec.http[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Gateway.spec.http[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Gateway.spec.http[index].authorization

^{^{↩ Parent}}

Authorization is used to configure authorization of end users.

Name	Type	Description	Required
external	object		false
local	object		false

Gateway.spec.http[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

Gateway.spec.http[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Gateway.spec.http[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Gateway.spec.http[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

Gateway.spec.http[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

Gateway.spec.http[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

Gateway.spec.http[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

Gateway.spec.http[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

Gateway.spec.http[index].rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

Gateway.spec.http[index].rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

Gateway.spec.http[index].rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

Gateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

Gateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

Gateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Gateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

Gateway.spec.http[index].rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Gateway.spec.http[index].rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Gateway.spec.http[index].rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

Gateway.spec.http[index].rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

Gateway.spec.http[index].routing

^{^{↩ Parent}}

Routing rules associated with HTTP traffic to this server.

Name	Type	Description	Required
corsPolicy	object	Cross origin resource request policy settings for all routes.	false
rules	[]object	HTTP routes.	false

Gateway.spec.http[index].routing.corsPolicy

^{^{↩ Parent}}

Cross origin resource request policy settings for all routes.

Name	Type	Description	Required
allowCredentials	boolean		false
allowHeaders	[]string	List of HTTP headers that can be used when requesting the resource.	false
allowMethods	[]string	List of HTTP methods allowed to access the resource.	false
allowOrigin	[]string	The list of origins that are allowed to perform CORS requests.	false
exposeHeaders	[]string	A white list of HTTP headers that the browsers are allowed to access.	false
maxAge	string	Specifies how long the results of a preflight request can be cached.	false

Gateway.spec.http[index].routing.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
disableExternalAuthorization	boolean		false
match	[]object	One or more match conditions (OR-ed).	false
modify	object	One or more mutations to be performed before forwarding.	false
redirect	object	Redirect the request to a different host or URL or both.	false
route	object	Forward the request to the specified destination(s).	false

Gateway.spec.http[index].routing.rules[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
headers	map[string]object	The header keys must be lowercase and use hyphen as the separator, e.g.	false
uri	object	URI to match.	false

Gateway.spec.http[index].routing.rules[index].match[index].headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Gateway.spec.http[index].routing.rules[index].match[index].uri

^{^{↩ Parent}}

URI to match.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Gateway.spec.http[index].routing.rules[index].modify

^{^{↩ Parent}}

One or more mutations to be performed before forwarding.

Name	Type	Description	Required
headers	object	Add/remove/overwrite one or more HTTP headers in a request or response.	false
rewrite	object	Rewrite the HTTP Host or URL or both.	false

Gateway.spec.http[index].routing.rules[index].modify.headers

^{^{↩ Parent}}

Add/remove/overwrite one or more HTTP headers in a request or response.

Name	Type	Description	Required
request	object	Header manipulation rules to apply before forwarding a request to the destination service.	false
response	object	Header manipulation rules to apply before returning a response to the caller.	false

Gateway.spec.http[index].routing.rules[index].modify.headers.request

^{^{↩ Parent}}

Header manipulation rules to apply before forwarding a request to the destination service.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

Gateway.spec.http[index].routing.rules[index].modify.headers.response

^{^{↩ Parent}}

Header manipulation rules to apply before returning a response to the caller.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

Gateway.spec.http[index].routing.rules[index].modify.rewrite

^{^{↩ Parent}}

Rewrite the HTTP Host or URL or both.

Name	Type	Description	Required
authority	string	Rewrite the Authority/Host header with this value.	false
uri	string	Rewrite the path (or the prefix) portion of the URI with this value.	false

Gateway.spec.http[index].routing.rules[index].redirect

^{^{↩ Parent}}

Redirect the request to a different host or URL or both.

Name	Type	Description	Required
authority	string	On a redirect, overwrite the Authority/Host portion of the URL with this value.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
redirectCode	integer	Minimum: 0 Maximum: 4.294967295e+09	false
scheme	string	On a redirect, overwrite the scheme with this one.	false
uri	string	On a redirect, overwrite the Path portion of the URL with this value.	false

Gateway.spec.http[index].routing.rules[index].route

^{^{↩ Parent}}

Forward the request to the specified destination(s).

Name	Type	Description	Required
clusterDestination	object		false
serviceDestination	object	RouteToService represents the service running in clusters.	false

Gateway.spec.http[index].routing.rules[index].route.clusterDestination

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters that contain ingress gateways exposing the hostname.	false

Gateway.spec.http[index].routing.rules[index].route.clusterDestination.clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Gateway.spec.http[index].routing.rules[index].route.serviceDestination

^{^{↩ Parent}}

RouteToService represents the service running in clusters.

Name Type Description Required

host

string

The destination service in &#003C;namespace&#003E;/&#003C;fqdn&#003E;.

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

tls object false

Gateway.spec.http[index].routing.rules[index].route.serviceDestination.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Gateway.spec.http[index].routing.rules[index].route.serviceDestination.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Gateway.spec.http[index].tls

^{^{↩ Parent}}

TLS certificate info.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

Gateway.spec.http[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

Gateway.spec.tcp[index]

^{^{↩ Parent}}

Name	Type	Description	Required
hostname	string	Hostname to identify the service.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
route	object	Forward the connection to the specified destination.	false
tls	object	TLS certificate info to terminate the TLS connection.	false
transit	boolean	If set to true, the server is configured to be exposed within the mesh.	false

Gateway.spec.tcp[index].route

^{^{↩ Parent}}

Forward the connection to the specified destination.

Name	Type	Description	Required
clusterDestination	object		false
serviceDestination	object	RouteToService represents the service running in clusters.	false

Gateway.spec.tcp[index].route.clusterDestination

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters that contain ingress gateways exposing the hostname.	false

Gateway.spec.tcp[index].route.clusterDestination.clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Gateway.spec.tcp[index].route.serviceDestination

^{^{↩ Parent}}

RouteToService represents the service running in clusters.

Name Type Description Required

host

string

The destination service in &#003C;namespace&#003E;/&#003C;fqdn&#003E;.

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

tls object false

Gateway.spec.tcp[index].route.serviceDestination.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Gateway.spec.tcp[index].route.serviceDestination.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Gateway.spec.tcp[index].tls

^{^{↩ Parent}}

TLS certificate info to terminate the TLS connection.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

Gateway.spec.tcp[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

Gateway.spec.tls[index]

^{^{↩ Parent}}

Name	Type	Description	Required
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
route	object	Forward the connection to the specified destination.	false

Gateway.spec.tls[index].route

^{^{↩ Parent}}

Forward the connection to the specified destination.

Name	Type	Description	Required
clusterDestination	object		false
serviceDestination	object	RouteToService represents the service running in clusters.	false

Gateway.spec.tls[index].route.clusterDestination

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters that contain ingress gateways exposing the hostname.	false

Gateway.spec.tls[index].route.clusterDestination.clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Gateway.spec.tls[index].route.serviceDestination

^{^{↩ Parent}}

RouteToService represents the service running in clusters.

Name Type Description Required

host

string

The destination service in &#003C;namespace&#003E;/&#003C;fqdn&#003E;.

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

tls object false

Gateway.spec.tls[index].route.serviceDestination.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Gateway.spec.tls[index].route.serviceDestination.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Gateway.spec.waf

^{^{↩ Parent}}

WAF settings to be enabled for traffic passing through the HttpServer.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

Gateway.spec.wasmPlugins[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

Gateway.spec.wasmPlugins[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

Gateway.spec.wasmPlugins[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

Gateway.spec.workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

Group

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	gateway.tsb.tetrate.io/v2	true
kind	string	Group	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Group.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
configMode	enum	Enum: BRIDGED, DIRECT	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
namespaceSelector	object	Set of namespaces owned exclusively by this group.	false

Group.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Group.spec.namespaceSelector

^{^{↩ Parent}}

Set of namespaces owned exclusively by this group.

Name	Type	Description	Required
names	[]string		false

IngressGateway

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	gateway.tsb.tetrate.io/v2	true
kind	string	IngressGateway	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`IngressGateway` configures a workload to act as an ingress gateway into the mesh.	false
status	object		false

IngressGateway.spec

^{^{↩ Parent}}

IngressGateway configures a workload to act as an ingress gateway into the mesh.

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
http	[]object	One or more HTTP or HTTPS servers exposed by the gateway.	false
tcp	[]object		false
tlsPassthrough	[]object	One or more TLS servers exposed by the gateway.	false
waf	object	WAF settings to be enabled for traffic passing through the HttpServer.	false
workloadSelector	object		false

IngressGateway.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

IngressGateway.spec.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

IngressGateway.spec.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

IngressGateway.spec.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

IngressGateway.spec.http[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object	Configuration to authenticate clients.	false
authorization	object	Configuration to authorize a request.	false
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
rateLimiting	object	Configuration for rate limiting requests.	false
routing	object	Routing rules associated with HTTP traffic to this service.	false
tls	object	TLS certificate info.	false
xxxOldAuthentication	object		false
xxxOldAuthorization	object		false

IngressGateway.spec.http[index].authentication

^{^{↩ Parent}}

Configuration to authenticate clients.

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

IngressGateway.spec.http[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

IngressGateway.spec.http[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

IngressGateway.spec.http[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

IngressGateway.spec.http[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

IngressGateway.spec.http[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

IngressGateway.spec.http[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

IngressGateway.spec.http[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

IngressGateway.spec.http[index].authorization

^{^{↩ Parent}}

Configuration to authorize a request.

Name	Type	Description	Required
external	object		false
local	object		false

IngressGateway.spec.http[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

IngressGateway.spec.http[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

IngressGateway.spec.http[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

IngressGateway.spec.http[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

IngressGateway.spec.http[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

IngressGateway.spec.http[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

IngressGateway.spec.http[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

IngressGateway.spec.http[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

IngressGateway.spec.http[index].rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

IngressGateway.spec.http[index].rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

IngressGateway.spec.http[index].rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

IngressGateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

IngressGateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

IngressGateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

IngressGateway.spec.http[index].rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

IngressGateway.spec.http[index].rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

IngressGateway.spec.http[index].rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

IngressGateway.spec.http[index].rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

IngressGateway.spec.http[index].rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

IngressGateway.spec.http[index].routing

^{^{↩ Parent}}

Routing rules associated with HTTP traffic to this service.

Name	Type	Description	Required
corsPolicy	object	Cross origin resource request policy settings for all routes.	false
rules	[]object	HTTP routes.	false

IngressGateway.spec.http[index].routing.corsPolicy

^{^{↩ Parent}}

Cross origin resource request policy settings for all routes.

Name	Type	Description	Required
allowCredentials	boolean		false
allowHeaders	[]string	List of HTTP headers that can be used when requesting the resource.	false
allowMethods	[]string	List of HTTP methods allowed to access the resource.	false
allowOrigin	[]string	The list of origins that are allowed to perform CORS requests.	false
exposeHeaders	[]string	A white list of HTTP headers that the browsers are allowed to access.	false
maxAge	string	Specifies how long the results of a preflight request can be cached.	false

IngressGateway.spec.http[index].routing.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
match	[]object	One or more match conditions (OR-ed).	false
modify	object	One or more mutations to be performed before forwarding.	false
redirect	object	Redirect the request to a different host or URL or both.	false
route	object	Forward the request to the specified destination(s).	false

IngressGateway.spec.http[index].routing.rules[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
headers	map[string]object	The header keys must be lowercase and use hyphen as the separator, e.g.	false
uri	object	URI to match.	false

IngressGateway.spec.http[index].routing.rules[index].match[index].headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

IngressGateway.spec.http[index].routing.rules[index].match[index].uri

^{^{↩ Parent}}

URI to match.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

IngressGateway.spec.http[index].routing.rules[index].modify

^{^{↩ Parent}}

One or more mutations to be performed before forwarding.

Name	Type	Description	Required
headers	object	Add/remove/overwrite one or more HTTP headers in a request or response.	false
rewrite	object	Rewrite the HTTP Host or URL or both.	false

IngressGateway.spec.http[index].routing.rules[index].modify.headers

^{^{↩ Parent}}

Add/remove/overwrite one or more HTTP headers in a request or response.

Name	Type	Description	Required
request	object	Header manipulation rules to apply before forwarding a request to the destination service.	false
response	object	Header manipulation rules to apply before returning a response to the caller.	false

IngressGateway.spec.http[index].routing.rules[index].modify.headers.request

^{^{↩ Parent}}

Header manipulation rules to apply before forwarding a request to the destination service.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

IngressGateway.spec.http[index].routing.rules[index].modify.headers.response

^{^{↩ Parent}}

Header manipulation rules to apply before returning a response to the caller.

Name	Type	Description	Required
add	map[string]string		false
remove	[]string	Remove a the specified headers.	false
set	map[string]string	Overwrite the headers specified by key with the given values.	false

IngressGateway.spec.http[index].routing.rules[index].modify.rewrite

^{^{↩ Parent}}

Rewrite the HTTP Host or URL or both.

Name	Type	Description	Required
authority	string	Rewrite the Authority/Host header with this value.	false
uri	string	Rewrite the path (or the prefix) portion of the URI with this value.	false

IngressGateway.spec.http[index].routing.rules[index].redirect

^{^{↩ Parent}}

Redirect the request to a different host or URL or both.

Name	Type	Description	Required
authority	string	On a redirect, overwrite the Authority/Host portion of the URL with this value.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
redirectCode	integer	Minimum: 0 Maximum: 4.294967295e+09	false
scheme	string	On a redirect, overwrite the scheme with this one.	false
uri	string	On a redirect, overwrite the Path portion of the URL with this value.	false

IngressGateway.spec.http[index].routing.rules[index].route

^{^{↩ Parent}}

Forward the request to the specified destination(s).

Name

Type

Description

Required

host

string

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

IngressGateway.spec.http[index].tls

^{^{↩ Parent}}

TLS certificate info.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

IngressGateway.spec.http[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

IngressGateway.spec.http[index].xxxOldAuthentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object		false

IngressGateway.spec.http[index].xxxOldAuthentication.jwt

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false

IngressGateway.spec.http[index].xxxOldAuthorization

^{^{↩ Parent}}

Name	Type	Description	Required
external	object		false
local	object		false

IngressGateway.spec.http[index].xxxOldAuthorization.external

^{^{↩ Parent}}

Name	Type	Description	Required
includeRequestHeaders	[]string		false
uri	string		false

IngressGateway.spec.http[index].xxxOldAuthorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

IngressGateway.spec.http[index].xxxOldAuthorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

IngressGateway.spec.http[index].xxxOldAuthorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

IngressGateway.spec.http[index].xxxOldAuthorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

IngressGateway.spec.http[index].xxxOldAuthorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

IngressGateway.spec.tcp[index]

^{^{↩ Parent}}

Name	Type	Description	Required
hostname	string	Hostname to identify the service.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
route	object	Forward the connection to the specified destination.	false
tls	object		false

IngressGateway.spec.tcp[index].route

^{^{↩ Parent}}

Forward the connection to the specified destination.

Name

Type

Description

Required

host

string

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

IngressGateway.spec.tcp[index].tls

^{^{↩ Parent}}

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

IngressGateway.spec.tcp[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

IngressGateway.spec.tlsPassthrough[index]

^{^{↩ Parent}}

Name	Type	Description	Required
hostname	string	Hostname with which the service can be expected to be accessed by clients.	false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
route	object	Forward the connection to the specified destination.	false

IngressGateway.spec.tlsPassthrough[index].route

^{^{↩ Parent}}

Forward the connection to the specified destination.

Name

Type

Description

Required

host

string

false

port

integer

The port on the service to forward the request to.

Minimum: 0
Maximum: 4.294967295e+09

false

IngressGateway.spec.waf

^{^{↩ Parent}}

WAF settings to be enabled for traffic passing through the HttpServer.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

IngressGateway.spec.workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

Tier1Gateway

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	gateway.tsb.tetrate.io/v2	true
kind	string	Tier1Gateway	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.	false
status	object		false

Tier1Gateway.spec

^{^{↩ Parent}}

Tier1Gateway configures a workload to act as a tier1 gateway into the mesh.

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
externalServers	[]object	One or more servers exposed by the gateway externally.	false
fqn	string	Fully-qualified name of the resource.	false
internalServers	[]object	One or more servers exposed by the gateway internally for cross cluster forwarding.	false
passthroughServers	[]object	One or more tls passthrough servers exposed by the gateway externally.	false
tcpExternalServers	[]object	One or more tcp servers exposed by the gateway externally.	false
tcpInternalServers	[]object	One or more tcp servers exposed by the gateway for mesh internal traffic.	false
waf	object	WAF settings to be enabled for traffic passing through this Tier1 gateway.	false
workloadSelector	object		false

Tier1Gateway.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Tier1Gateway.spec.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

Tier1Gateway.spec.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

Tier1Gateway.spec.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.externalServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object		false
authorization	object	Authorization is used to configure authorization of end users.	false
clusters	[]object		false
hostname	string		false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
rateLimiting	object	Configuration for rate limiting requests.	false
redirect	object	Redirect allows configuring HTTP redirect.	false
tls	object	TLS certificate info.	false

Tier1Gateway.spec.externalServers[index].authentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

Tier1Gateway.spec.externalServers[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Tier1Gateway.spec.externalServers[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Tier1Gateway.spec.externalServers[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Tier1Gateway.spec.externalServers[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

Tier1Gateway.spec.externalServers[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Tier1Gateway.spec.externalServers[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Tier1Gateway.spec.externalServers[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Tier1Gateway.spec.externalServers[index].authorization

^{^{↩ Parent}}

Authorization is used to configure authorization of end users.

Name	Type	Description	Required
external	object		false
local	object		false

Tier1Gateway.spec.externalServers[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

Tier1Gateway.spec.externalServers[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Tier1Gateway.spec.externalServers[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Tier1Gateway.spec.externalServers[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

Tier1Gateway.spec.externalServers[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

Tier1Gateway.spec.externalServers[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

Tier1Gateway.spec.externalServers[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

Tier1Gateway.spec.externalServers[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

Tier1Gateway.spec.externalServers[index].clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.externalServers[index].rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Tier1Gateway.spec.externalServers[index].rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

Tier1Gateway.spec.externalServers[index].rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

Tier1Gateway.spec.externalServers[index].redirect

^{^{↩ Parent}}

Redirect allows configuring HTTP redirect.

Name	Type	Description	Required
authority	string	On a redirect, overwrite the Authority/Host portion of the URL with this value.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
redirectCode	integer	Minimum: 0 Maximum: 4.294967295e+09	false
scheme	string	On a redirect, overwrite the scheme with this one.	false
uri	string	On a redirect, overwrite the Path portion of the URL with this value.	false

Tier1Gateway.spec.externalServers[index].tls

^{^{↩ Parent}}

TLS certificate info.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

Tier1Gateway.spec.externalServers[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

Tier1Gateway.spec.internalServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	object		false
authorization	object	Authorization is used to configure authorization of end user and traffic.	false
clusters	[]object		false
hostname	string		false
name	string	A name assigned to the server.	false

Tier1Gateway.spec.internalServers[index].authentication

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

Tier1Gateway.spec.internalServers[index].authentication.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Tier1Gateway.spec.internalServers[index].authentication.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Tier1Gateway.spec.internalServers[index].authentication.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Tier1Gateway.spec.internalServers[index].authentication.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

Tier1Gateway.spec.internalServers[index].authentication.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

Tier1Gateway.spec.internalServers[index].authentication.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

Tier1Gateway.spec.internalServers[index].authentication.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

Tier1Gateway.spec.internalServers[index].authorization

^{^{↩ Parent}}

Authorization is used to configure authorization of end user and traffic.

Name	Type	Description	Required
external	object		false
local	object		false

Tier1Gateway.spec.internalServers[index].authorization.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

Tier1Gateway.spec.internalServers[index].authorization.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

Tier1Gateway.spec.internalServers[index].authorization.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

Tier1Gateway.spec.internalServers[index].authorization.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

Tier1Gateway.spec.internalServers[index].authorization.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

Tier1Gateway.spec.internalServers[index].authorization.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

Tier1Gateway.spec.internalServers[index].authorization.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

Tier1Gateway.spec.internalServers[index].authorization.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

Tier1Gateway.spec.internalServers[index].clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.passthroughServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object		false
hostname	string		false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.passthroughServers[index].clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.tcpExternalServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters contain ingress gateways exposing the service.	false
hostname	string		false
name	string	A name assigned to the server.	false
port	integer	The port where the server is exposed. Minimum: 0 Maximum: 4.294967295e+09	false
tls	object	TLS certificate information to terminate TLS.	false

Tier1Gateway.spec.tcpExternalServers[index].clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.tcpExternalServers[index].tls

^{^{↩ Parent}}

TLS certificate information to terminate TLS.

Name	Type	Description	Required
cipherSuites	[]string	List of cipher suites to be used for TLS connections.	false
files	object		false
maxProtocolVersion	enum	Set the maximum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
minProtocolVersion	enum	Set the minimum supported TLS protocol version. Enum: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string		false
subjectAltNames	[]string		false

Tier1Gateway.spec.tcpExternalServers[index].tls.files

^{^{↩ Parent}}

Name	Type	Required
caCertificates	string	false
privateKey	string	false
serverCertificate	string	false

Tier1Gateway.spec.tcpInternalServers[index]

^{^{↩ Parent}}

Name	Type	Description	Required
clusters	[]object	The destination clusters contain ingress gateways exposing the service.	false
hostname	string	The name of the service used.	false
name	string	A name assigned to the server.	false

Tier1Gateway.spec.tcpInternalServers[index].clusters[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels associated with the cluster.	false
name	string	The name of the destination cluster.	false
network	string	The network associated with the destination clusters.	false
weight	integer	The weight for traffic to a given destination. Minimum: 0 Maximum: 4.294967295e+09	false

Tier1Gateway.spec.waf

^{^{↩ Parent}}

WAF settings to be enabled for traffic passing through this Tier1 gateway.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

Tier1Gateway.spec.workloadSelector

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string		false
namespace	string	The namespace where the workload resides.	false

istiointernal.tsb.tetrate.io/v2

Resource Types:

Group

Group

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	istiointernal.tsb.tetrate.io/v2	true
kind	string	Group	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Group.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
namespaceSelector	object	Set of namespaces owned exclusively by this group.	false

Group.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Group.spec.namespaceSelector

^{^{↩ Parent}}

Set of namespaces owned exclusively by this group.

Name	Type	Description	Required
names	[]string		false

rbac.tsb.tetrate.io/v2

Resource Types:

APIAccessBindings
AccessBindings
ApplicationAccessBindings
GatewayAccessBindings
IstioInternalAccessBindings
OrganizationAccessBindings
Role
SecurityAccessBindings
TenantAccessBindings
TrafficAccessBindings
WorkspaceAccessBindings

APIAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	APIAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`APIAccessBindings` assigns permissions to users of APIs.	false
status	object		false

APIAccessBindings.spec

^{^{↩ Parent}}

APIAccessBindings assigns permissions to users of APIs.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

APIAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

APIAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

AccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	AccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`AccessBindings` assigns permissions to users of any TSB resource.	false
status	object		false

AccessBindings.spec

^{^{↩ Parent}}

AccessBindings assigns permissions to users of any TSB resource.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false

AccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

AccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

ApplicationAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	ApplicationAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`ApplicationAccessBindings` assigns permissions to users of applications.	false
status	object		false

ApplicationAccessBindings.spec

^{^{↩ Parent}}

ApplicationAccessBindings assigns permissions to users of applications.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

ApplicationAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

ApplicationAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

GatewayAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	GatewayAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`GatewayAccessBindings` assigns permissions to users of gateway groups.	false
status	object		false

GatewayAccessBindings.spec

^{^{↩ Parent}}

GatewayAccessBindings assigns permissions to users of gateway groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

GatewayAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

GatewayAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

IstioInternalAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	IstioInternalAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`IstioInternalAccessBindings` assigns permissions to users of istio internal groups.	false
status	object		false

IstioInternalAccessBindings.spec

^{^{↩ Parent}}

IstioInternalAccessBindings assigns permissions to users of istio internal groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

IstioInternalAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

IstioInternalAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

OrganizationAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	OrganizationAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`OrganizationAccessBindings` assigns permissions to users of organizations.	false
status	object		false

OrganizationAccessBindings.spec

^{^{↩ Parent}}

OrganizationAccessBindings assigns permissions to users of organizations.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

OrganizationAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

OrganizationAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

Role

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	Role	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Role.spec

^{^{↩ Parent}}

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rules	[]object	A set of rules that define the permissions associated with each API group.	false

Role.spec.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
permissions	[]enum	The set of actions allowed for these APIs.	false
types	[]object	The set of API groups and the api Kinds within the group on which this rule is applicable.	false

Role.spec.rules[index].types[index]

^{^{↩ Parent}}

Name	Type	Description	Required
apiGroup	string	A specific API group such as traffic.tsb.tetrate.io/v2.	false
kinds	[]string	Specific kinds of APIs under the API group.	false

SecurityAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	SecurityAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`SecurityAccessBindings` assigns permissions to users of security groups.	false
status	object		false

SecurityAccessBindings.spec

^{^{↩ Parent}}

SecurityAccessBindings assigns permissions to users of security groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

SecurityAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

SecurityAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

TenantAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	TenantAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`TenantAccessBindings` assigns permissions to users of tenants.	false
status	object		false

TenantAccessBindings.spec

^{^{↩ Parent}}

TenantAccessBindings assigns permissions to users of tenants.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

TenantAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

TenantAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

TrafficAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	TrafficAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`TrafficAccessBindings` assigns permissions to users of traffic groups.	false
status	object		false

TrafficAccessBindings.spec

^{^{↩ Parent}}

TrafficAccessBindings assigns permissions to users of traffic groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

TrafficAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

TrafficAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

WorkspaceAccessBindings

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	WorkspaceAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	`WorkspaceAccessBindings` assigns permissions to users of workspaces.	false
status	object		false

WorkspaceAccessBindings.spec

^{^{↩ Parent}}

WorkspaceAccessBindings assigns permissions to users of workspaces.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

WorkspaceAccessBindings.spec.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
role	string		false
subjects	[]object		false

WorkspaceAccessBindings.spec.allow[index].subjects[index]

^{^{↩ Parent}}

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

security.tsb.tetrate.io/v2

Resource Types:

Group
SecuritySetting
ServiceSecuritySetting

Group

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	security.tsb.tetrate.io/v2	true
kind	string	Group	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Group.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
configMode	enum	Enum: BRIDGED, DIRECT	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
namespaceSelector	object	Set of namespaces owned exclusively by this group.	false
securityDomain	string	Security domains can be used to group different resources under the same security domain.	false

Group.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Group.spec.namespaceSelector

^{^{↩ Parent}}

Set of namespaces owned exclusively by this group.

Name	Type	Description	Required
names	[]string		false

SecuritySetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	security.tsb.tetrate.io/v2	true
kind	string	SecuritySetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

SecuritySetting.spec

^{^{↩ Parent}}

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

SecuritySetting.spec.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

SecuritySetting.spec.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

SecuritySetting.spec.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

SecuritySetting.spec.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

SecuritySetting.spec.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

SecuritySetting.spec.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

SecuritySetting.spec.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

SecuritySetting.spec.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

SecuritySetting.spec.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

SecuritySetting.spec.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

SecuritySetting.spec.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

SecuritySetting.spec.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

SecuritySetting.spec.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

SecuritySetting.spec.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

SecuritySetting.spec.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

SecuritySetting.spec.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

SecuritySetting.spec.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

SecuritySetting.spec.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

SecuritySetting.spec.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

SecuritySetting.spec.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

SecuritySetting.spec.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

SecuritySetting.spec.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

SecuritySetting.spec.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

SecuritySetting.spec.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

SecuritySetting.spec.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

SecuritySetting.spec.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

SecuritySetting.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

SecuritySetting.spec.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

SecuritySetting.spec.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

SecuritySetting.spec.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

SecuritySetting.spec.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

ServiceSecuritySetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	security.tsb.tetrate.io/v2	true
kind	string	ServiceSecuritySetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

ServiceSecuritySetting.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
service	string	The service on which the configuration is being applied.	false
settings	object	Security settings to apply to this service.	false
subsets	[]object		false

ServiceSecuritySetting.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

ServiceSecuritySetting.spec.settings

^{^{↩ Parent}}

Security settings to apply to this service.

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

ServiceSecuritySetting.spec.settings.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

ServiceSecuritySetting.spec.settings.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

ServiceSecuritySetting.spec.settings.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

ServiceSecuritySetting.spec.settings.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

ServiceSecuritySetting.spec.settings.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

ServiceSecuritySetting.spec.settings.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

ServiceSecuritySetting.spec.settings.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

ServiceSecuritySetting.spec.settings.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

ServiceSecuritySetting.spec.settings.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

ServiceSecuritySetting.spec.settings.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

ServiceSecuritySetting.spec.settings.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

ServiceSecuritySetting.spec.settings.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

ServiceSecuritySetting.spec.settings.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

ServiceSecuritySetting.spec.settings.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

ServiceSecuritySetting.spec.settings.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

ServiceSecuritySetting.spec.settings.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

ServiceSecuritySetting.spec.settings.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

ServiceSecuritySetting.spec.settings.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

ServiceSecuritySetting.spec.settings.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

ServiceSecuritySetting.spec.settings.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

ServiceSecuritySetting.spec.settings.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

ServiceSecuritySetting.spec.settings.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

ServiceSecuritySetting.spec.settings.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

ServiceSecuritySetting.spec.settings.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

ServiceSecuritySetting.spec.subsets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	Name used to refer to the subset.	false
settings	object	Security settings to apply to this service subset.	false

ServiceSecuritySetting.spec.subsets[index].settings

^{^{↩ Parent}}

Security settings to apply to this service subset.

Name	Type	Description	Required
authentication	enum	Enum: UNSET, OPTIONAL, REQUIRED	false
authenticationSettings	object		false
authorization	object		false
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
extension	[]object		false
fqn	string	Fully-qualified name of the resource.	false
propagationStrategy	enum	Enum: REPLACE, STRICTER	false
waf	object	NOTICE: this feature is in alpha stage and under active development.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings

^{^{↩ Parent}}

Name	Type	Description	Required
http	object		false
trafficMode	enum	Enum: UNSET, OPTIONAL, REQUIRED	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	Authenticate an HTTP request from a JWT Token attached to it.	false
rules	object	List of rules how to authenticate an HTTP request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.jwt

^{^{↩ Parent}}

Authenticate an HTTP request from a JWT Token attached to it.

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.jwt.fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.jwt.outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.rules

^{^{↩ Parent}}

List of rules how to authenticate an HTTP request.

Name	Type	Description	Required
jwt	[]object	List of rules how to authenticate an HTTP request from a JWT Token attached to it.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.rules.jwt[index]

^{^{↩ Parent}}

Name	Type	Description	Required
audiences	[]string		false
fromHeaders	[]object	This field specifies the locations to extract JWT token.	false
issuer	string	Identifies the issuer that issued the JWT.	false
jwks	string	JSON Web Key Set of public keys to validate signature of the JWT.	false
jwksUri	string		false
outputClaimToHeaders	[]object	This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.	false
outputPayloadToHeader	string		false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.rules.jwt[index].fromHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string	The HTTP header name.	false
prefix	string	The prefix that should be stripped before decoding the token.	false

ServiceSecuritySetting.spec.subsets[index].settings.authenticationSettings.http.rules.jwt[index].outputClaimToHeaders[index]

^{^{↩ Parent}}

Name	Type	Description	Required
claim	string	The name of the claim to be copied from.	false
header	string	The name of the header to be created.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization

^{^{↩ Parent}}

Name	Type	Description	Required
http	object	This is for configuring HTTP request authorization.	false
mode	enum	A short cut for specifying the set of allowed callers. Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, DISABLED, CUSTOM, RULES	false
rules	object		false
serviceAccounts	[]string		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http

^{^{↩ Parent}}

This is for configuring HTTP request authorization.

Name	Type	Description	Required
external	object		false
local	object		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.external

^{^{↩ Parent}}

Name	Type	Required
includeRequestHeaders	[]string	false
tls	object	false
uri	string	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.external.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.external.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.local

^{^{↩ Parent}}

Name	Type	Description	Required
rules	[]object		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.local.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	[]object		false
name	string	A friendly name to identify the binding.	false
to	[]object		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.local.rules[index].from[index]

^{^{↩ Parent}}

Name	Type	Description	Required
jwt	object	JWT configuration to identity the subject.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.local.rules[index].from[index].jwt

^{^{↩ Parent}}

JWT configuration to identity the subject.

Name	Type	Description	Required
iss	string		false
other	map[string]string	A set of arbitrary claims that are required to qualify the subject.	false
sub	string		false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.http.local.rules[index].to[index]

^{^{↩ Parent}}

Name	Type	Description	Required
methods	[]string	The HTTP methods that are allowed by this rule.	false
paths	[]string	The request path where the request is made against.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules

^{^{↩ Parent}}

Name	Type	Description	Required
allow	[]object	Allow specifies a list of rules.	false
deny	[]object	Deny specifies a list of rules.	false
denyAll	boolean	Deny all specifies whether all requests should be rejected.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.allow[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.allow[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.allow[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.deny[index]

^{^{↩ Parent}}

Name	Type	Description	Required
from	object	From specifies the source of a request.	false
to	object	To specifies the destination of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.deny[index].from

^{^{↩ Parent}}

From specifies the source of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the source of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.authorization.rules.deny[index].to

^{^{↩ Parent}}

To specifies the destination of a request.

Name	Type	Description	Required
fqn	string	The target resource identified by FQN which will be the destination of a request.	false

ServiceSecuritySetting.spec.subsets[index].settings.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

ServiceSecuritySetting.spec.subsets[index].settings.extension[index]

^{^{↩ Parent}}

Name	Type	Description	Required
config	object	Configuration parameters sent to the WASM plugin execution.	false
fqn	string	Fqn of the extension to be executed.	false
match	[]object	Specifies the criteria to determine which traffic is passed to WasmExtension.	false

ServiceSecuritySetting.spec.subsets[index].settings.extension[index].match[index]

^{^{↩ Parent}}

Name

Type

Description

Required

mode

enum

Criteria for selecting traffic by their direction.

Enum: UNDEFINED, CLIENT, SERVER, CLIENT_AND_SERVER

false

ports

[]object

Criteria for selecting traffic by their destination port.

false

ServiceSecuritySetting.spec.subsets[index].settings.extension[index].match[index].ports[index]

^{^{↩ Parent}}

Name	Type	Description	Required
number	integer	Minimum: 0 Maximum: 4.294967295e+09	false

ServiceSecuritySetting.spec.subsets[index].settings.waf

^{^{↩ Parent}}

NOTICE: this feature is in alpha stage and under active development.

Name	Type	Description	Required
rules	[]string	Rules to be leveraged by WAF.	false

traffic.tsb.tetrate.io/v2

Resource Types:

Group
ServiceRoute
TrafficSetting

Group

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	traffic.tsb.tetrate.io/v2	true
kind	string	Group	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

Group.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Default metadata values that will be propagated to the children Istio generated configurations.	false
configMode	enum	Enum: BRIDGED, DIRECT	false
deletionProtectionEnabled	boolean	When set, prevents the resource from being deleted.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
namespaceSelector	object	Set of namespaces owned exclusively by this group.	false

Group.spec.configGenerationMetadata

^{^{↩ Parent}}

Default metadata values that will be propagated to the children Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

Group.spec.namespaceSelector

^{^{↩ Parent}}

Set of namespaces owned exclusively by this group.

Name	Type	Description	Required
names	[]string		false

ServiceRoute

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	traffic.tsb.tetrate.io/v2	true
kind	string	ServiceRoute	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

ServiceRoute.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
httpRoutes	[]object		false
portLevelSettings	[]object	In order to support multi-protocol routing, a list of all port/protocol combinations is needed.	false
service	string	The service on which the configuration is being applied.	false
stickySession	object		false
subsets	[]object		false
tcpRoutes	[]object	TCPRoutes match TCP traffic based on port number.	false

ServiceRoute.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

ServiceRoute.spec.httpRoutes[index]

^{^{↩ Parent}}

Name	Type	Required
destination	[]object	false
match	[]object	false
name	string	false

ServiceRoute.spec.httpRoutes[index].destination[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationHost	string	Service host where traffic should be routed to.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
subset	string		false
weight	integer	Minimum: 0 Maximum: 4.294967295e+09	false

ServiceRoute.spec.httpRoutes[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
headers	map[string]object		false
name	string		false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
uri	object		false

ServiceRoute.spec.httpRoutes[index].match[index].headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

ServiceRoute.spec.httpRoutes[index].match[index].uri

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

ServiceRoute.spec.portLevelSettings[index]

^{^{↩ Parent}}

Name	Type	Description	Required
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
stickySession	object		false
trafficType	enum	Enum: HTTP, TCP, TLS_PASSTHROUGH	false

ServiceRoute.spec.portLevelSettings[index].stickySession

^{^{↩ Parent}}

Name	Type	Description	Required
cookie	object	Hash based on HTTP cookie.	false
header	string	Hash based on a specific HTTP header.	false
useSourceIp	boolean	Hash based on the source IP address.	false

ServiceRoute.spec.portLevelSettings[index].stickySession.cookie

^{^{↩ Parent}}

Hash based on HTTP cookie.

Name	Type	Description	Required
name	string	Name of the cookie.	false
path	string	Path to set for the cookie.	false
ttl	string	Lifetime of the cookie.	false

ServiceRoute.spec.stickySession

^{^{↩ Parent}}

Name	Type	Description	Required
cookie	object	Hash based on HTTP cookie.	false
header	string	Hash based on a specific HTTP header.	false
useSourceIp	boolean	Hash based on the source IP address.	false

ServiceRoute.spec.stickySession.cookie

^{^{↩ Parent}}

Hash based on HTTP cookie.

Name	Type	Description	Required
name	string	Name of the cookie.	false
path	string	Path to set for the cookie.	false
ttl	string	Lifetime of the cookie.	false

ServiceRoute.spec.subsets[index]

^{^{↩ Parent}}

Name	Type	Description	Required
labels	map[string]string	Labels apply a filter over the endpoints of a service in the service registry.	false
name	string	Name used to refer to the subset.	false
portLevelSettings	[]object		false
weight	integer	Percentage of traffic to be sent to this subset. Minimum: 0 Maximum: 4.294967295e+09	false

ServiceRoute.spec.subsets[index].portLevelSettings[index]

^{^{↩ Parent}}

Name	Type	Description	Required
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
stickySession	object		false
trafficType	enum	Enum: HTTP, TCP, TLS_PASSTHROUGH	false

ServiceRoute.spec.subsets[index].portLevelSettings[index].stickySession

^{^{↩ Parent}}

Name	Type	Description	Required
cookie	object	Hash based on HTTP cookie.	false
header	string	Hash based on a specific HTTP header.	false
useSourceIp	boolean	Hash based on the source IP address.	false

ServiceRoute.spec.subsets[index].portLevelSettings[index].stickySession.cookie

^{^{↩ Parent}}

Hash based on HTTP cookie.

Name	Type	Description	Required
name	string	Name of the cookie.	false
path	string	Path to set for the cookie.	false
ttl	string	Lifetime of the cookie.	false

ServiceRoute.spec.tcpRoutes[index]

^{^{↩ Parent}}

Name	Type	Required
destination	[]object	false
match	[]object	false
name	string	false

ServiceRoute.spec.tcpRoutes[index].destination[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationHost	string	Service host where traffic should be routed to.	false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false
subset	string		false
weight	integer	Minimum: 0 Maximum: 4.294967295e+09	false

ServiceRoute.spec.tcpRoutes[index].match[index]

^{^{↩ Parent}}

Name	Type	Description	Required
name	string		false
port	integer	Minimum: 0 Maximum: 4.294967295e+09	false

TrafficSetting

^{^{↩ Parent}}

Name	Type	Description	Required
apiVersion	string	traffic.tsb.tetrate.io/v2	true
kind	string	TrafficSetting	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object		false
status	object		false

TrafficSetting.spec

^{^{↩ Parent}}

Name	Type	Description	Required
configGenerationMetadata	object	Metadata values that will be add into the Istio generated configurations.	false
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
egress	object		false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rateLimiting	object	Configuration for rate limiting requests.	false
reachability	object		false
resilience	object		false

TrafficSetting.spec.configGenerationMetadata

^{^{↩ Parent}}

Metadata values that will be add into the Istio generated configurations.

Name	Type	Description	Required
annotations	map[string]string	Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.	false
labels	map[string]string	Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.	false

TrafficSetting.spec.egress

^{^{↩ Parent}}

Name

Type

Description

Required

host

string

Specifies the egress gateway hostname.

false

port

integer

Deprecated.

Format: int32

false

TrafficSetting.spec.rateLimiting

^{^{↩ Parent}}

Configuration for rate limiting requests.

Name	Type	Description	Required
externalService	object	Configure ratelimiting using an external ratelimit server.	false
settings	object		false

TrafficSetting.spec.rateLimiting.externalService

^{^{↩ Parent}}

Configure ratelimiting using an external ratelimit server.

Name	Type	Description	Required
domain	string	The rate limit domain to use when calling the rate limit service.	false
failClosed	boolean		false
rateLimitServerUri	string	The URI at which the external rate limit server can be reached.	false
rules	[]object	A set of rate limit rules.	false
timeout	string	The timeout in seconds for the external rate limit server RPC.	false
tls	object		false

TrafficSetting.spec.rateLimiting.externalService.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions that are to be applied for this rate limit configuration.	false

TrafficSetting.spec.rateLimiting.externalService.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
destinationCluster	object	Rate limit on destination envoy cluster.	false
headerValueMatch	object	Rate limit on the existence of certain request headers.	false
remoteAddress	object	Rate limit on remote address of client.	false
requestHeaders	object	Rate limit on the value of certain request headers.	false
sourceCluster	object	Rate limit on source envoy cluster.	false

TrafficSetting.spec.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch

^{^{↩ Parent}}

Rate limit on the existence of certain request headers.

Name	Type	Description	Required
descriptorValue	string	The value to use in the descriptor entry.	false
headers	map[string]object		false

TrafficSetting.spec.rateLimiting.externalService.rules[index].dimensions[index].headerValueMatch.headers[key]

^{^{↩ Parent}}

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

TrafficSetting.spec.rateLimiting.externalService.rules[index].dimensions[index].requestHeaders

^{^{↩ Parent}}

Rate limit on the value of certain request headers.

Name	Type	Description	Required
descriptorKey	string	The key to use in the descriptor entry.	false
headerName	string	The header name to be queried from the request headers.	false

TrafficSetting.spec.rateLimiting.externalService.tls

^{^{↩ Parent}}

Name	Type	Description	Required
files	object	TLS key source from files.	false
mode	enum	Enum: DISABLED, SIMPLE, MUTUAL	false
secretName	string	TLS key source from a Kubernetes Secret.	false
subjectAltNames	[]string		false

TrafficSetting.spec.rateLimiting.externalService.tls.files

^{^{↩ Parent}}

TLS key source from files.

Name	Type	Description	Required
caCertificates	string		false
clientCertificate	string	Certificate file to authenticate the client.	false
privateKey	string	Private key file associated with the client certificate.	false

TrafficSetting.spec.rateLimiting.settings

^{^{↩ Parent}}

Name	Type	Description	Required
failClosed	boolean		false
rules	[]object	A list of rules for ratelimiting.	false
timeout	string	The timeout in seconds for the rate limit server RPC.	false

TrafficSetting.spec.rateLimiting.settings.rules[index]

^{^{↩ Parent}}

Name	Type	Description	Required
dimensions	[]object	A list of dimensions to define each ratelimit rule.	false
limit	object	The ratelimit value that will be configured for the above rules.	false

TrafficSetting.spec.rateLimiting.settings.rules[index].dimensions[index]

^{^{↩ Parent}}

Name	Type	Description	Required
header	object	Rate limit on certain HTTP headers.	false
remoteAddress	object	Rate limit on the remote address of client.	false

TrafficSetting.spec.rateLimiting.settings.rules[index].dimensions[index].header

^{^{↩ Parent}}

Rate limit on certain HTTP headers.

Name	Type	Description	Required
name	string	Name of the header to match on.	false
value	object	Value of the header to match on if matching on a specific value.	false

TrafficSetting.spec.rateLimiting.settings.rules[index].dimensions[index].header.value

^{^{↩ Parent}}

Value of the header to match on if matching on a specific value.

Name	Type	Description	Required
exact	string	Exact string match.	false
prefix	string	Prefix-based match.	false
regex	string	ECMAscript style regex-based match.	false

TrafficSetting.spec.rateLimiting.settings.rules[index].dimensions[index].remoteAddress

^{^{↩ Parent}}

Rate limit on the remote address of client.

Name	Type	Description	Required
value	string	Ratelimit on a specific remote address.	false

TrafficSetting.spec.rateLimiting.settings.rules[index].limit

^{^{↩ Parent}}

The ratelimit value that will be configured for the above rules.

Name

Type

Description

Required

requestsPerUnit

integer

Specifies the value of the rate limit.

Minimum: 0
Maximum: 4.294967295e+09

false

unit

enum

Specifies the unit of time for rate limit.

Enum: UNKNOWN, SECOND, MINUTE, HOUR, DAY

false

TrafficSetting.spec.reachability

^{^{↩ Parent}}

Name

Type

Description

Required

hosts

[]string

false

mode

enum

A short cut for specifying the set of services accessed by the workload.

Enum: UNSET, NAMESPACE, GROUP, WORKSPACE, CLUSTER, CUSTOM

false

TrafficSetting.spec.resilience

^{^{↩ Parent}}

Name	Type	Description	Required
circuitBreakerSensitivity	enum	Enum: UNSET, LOW, MEDIUM, HIGH	false
httpRequestTimeout	string	Timeout for HTTP requests.	false
httpRetries	object	Retry policy for HTTP requests.	false
keepAlive	object	Keep Alive Settings.	false
tcpKeepalive	boolean	Deprecated.	false

TrafficSetting.spec.resilience.httpRetries

^{^{↩ Parent}}

Retry policy for HTTP requests.

Name

Type

Description

Required

attempts

integer

Number of retries for a given request.

Format: int32

false

perTryTimeout

string

Timeout per retry attempt for a given request.

false

retryOn

string

Specifies the conditions under which retry takes place.

false

TrafficSetting.spec.resilience.keepAlive

^{^{↩ Parent}}

Keep Alive Settings.

Name	Type	Description	Required
tcp	object	TCP Keep Alive settings associated with the upstream and downstream TCP connections.	false

TrafficSetting.spec.resilience.keepAlive.tcp

^{^{↩ Parent}}

TCP Keep Alive settings associated with the upstream and downstream TCP connections.

Name	Type	Description	Required
downstream	object	TCP Keep Alive Settings associated with the downstream (client) connection.	false
upstream	object	TCP Keep Alive Settings associated with the upstream (backend) connection.	false

TrafficSetting.spec.resilience.keepAlive.tcp.downstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the downstream (client) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

TrafficSetting.spec.resilience.keepAlive.tcp.upstream

^{^{↩ Parent}}

TCP Keep Alive Settings associated with the upstream (backend) connection.

Name

Type

Description

Required

idleTime

integer

Minimum: 0
Maximum: 4.294967295e+09

false

interval

integer

The number of seconds between keep-alive probes.

Minimum: 0
Maximum: 4.294967295e+09

false

probes

integer

Minimum: 0
Maximum: 4.294967295e+09

false

API Reference

tsb.tetrate.io/v2​

Cluster​

Cluster.spec​

Cluster.spec.installTemplate​

Cluster.spec.installTemplate.helm​

Cluster.spec.installTemplate.helm.image​

Cluster.spec.installTemplate.helm.operator​

Cluster.spec.installTemplate.helm.operator.deployment​

Cluster.spec.installTemplate.helm.operator.deployment.affinity​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector​

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]​

Cluster.spec.installTemplate.helm.operator.deployment.env[index]​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.fieldRef​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef.divisor​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef​

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef.localObjectReference​

Cluster.spec.installTemplate.helm.operator.deployment.strategy​

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate​

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxSurge​

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxUnavailable​

Cluster.spec.installTemplate.helm.operator.deployment.tolerations[index]​

Cluster.spec.installTemplate.helm.operator.service​

Cluster.spec.installTemplate.helm.operator.serviceAccount​

Cluster.spec.installTemplate.helm.secrets​

Cluster.spec.installTemplate.helm.secrets.clusterServiceAccount​

Cluster.spec.installTemplate.helm.secrets.elasticsearch​

Cluster.spec.installTemplate.helm.secrets.tsb​

Cluster.spec.installTemplate.helm.secrets.xcp​

Cluster.spec.installTemplate.helm.secrets.xcp.edge​

Cluster.spec.installTemplate.helm.spec​

Cluster.spec.installTemplate.helm.spec.components​

Cluster.spec.installTemplate.helm.spec.components.collector​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector​

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]​

tsb.tetrate.io/v2

Cluster

Cluster.spec

Cluster.spec.installTemplate

Cluster.spec.installTemplate.helm

Cluster.spec.installTemplate.helm.image

Cluster.spec.installTemplate.helm.operator

Cluster.spec.installTemplate.helm.operator.deployment

Cluster.spec.installTemplate.helm.operator.deployment.affinity

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

Cluster.spec.installTemplate.helm.operator.deployment.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.operator.deployment.env[index]

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.configMapKeyRef.localObjectReference

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.fieldRef

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.resourceFieldRef.divisor

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef

Cluster.spec.installTemplate.helm.operator.deployment.env[index].valueFrom.secretKeyRef.localObjectReference

Cluster.spec.installTemplate.helm.operator.deployment.strategy

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxSurge

Cluster.spec.installTemplate.helm.operator.deployment.strategy.rollingUpdate.maxUnavailable

Cluster.spec.installTemplate.helm.operator.deployment.tolerations[index]

Cluster.spec.installTemplate.helm.operator.service

Cluster.spec.installTemplate.helm.operator.serviceAccount

Cluster.spec.installTemplate.helm.secrets

Cluster.spec.installTemplate.helm.secrets.clusterServiceAccount

Cluster.spec.installTemplate.helm.secrets.elasticsearch

Cluster.spec.installTemplate.helm.secrets.tsb

Cluster.spec.installTemplate.helm.secrets.xcp

Cluster.spec.installTemplate.helm.secrets.xcp.edge

Cluster.spec.installTemplate.helm.spec

Cluster.spec.installTemplate.helm.spec.components

Cluster.spec.installTemplate.helm.spec.components.collector

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

Cluster.spec.installTemplate.helm.spec.components.collector.kubeSpec.deployment.affinity.podAntiAffinity