github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-04 23:17:50 +00:00
Code Issues Projects Releases Wiki Activity

Run make update

Browse Source
This commit is contained in:
Jan Chaloupka
2018-06-05 19:04:30 +02:00
parent ab616a88b9
commit 3cc15363bc
44 changed files with 2327 additions and 1272 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
api/openapi-spec/swagger.json generated
View File

@@ -79360,6 +79360,13 @@
"type": "integer",
"format": "int64"
}
},
"sysctls": {
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch.",
"type": "array",
"items": {
"$ref": "#/definitions/io.k8s.api.core.v1.Sysctl"
}
}
}
},
@@ -80881,6 +80888,23 @@
}
}
},
"io.k8s.api.core.v1.Sysctl": {
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"description": "Name of a property to set",
"type": "string"
},
"value": {
"description": "Value of a property to set",
"type": "string"
}
}
},
"io.k8s.api.core.v1.TCPSocketAction": {
"description": "TCPSocketAction describes an action based on opening a socket",
"required": [
@@ -82345,6 +82369,13 @@
"$ref": "#/definitions/io.k8s.api.extensions.v1beta1.AllowedHostPath"
}
},
"allowedUnsafeSysctls": {
"description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.",
"type": "array",
"items": {
"type": "string"
}
},
"defaultAddCapabilities": {
"description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.",
"type": "array",
@@ -82356,6 +82387,13 @@
"description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
"type": "boolean"
},
"forbiddenSysctls": {
"description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.",
"type": "array",
"items": {
"type": "string"
}
},
"fsGroup": {
"description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
"$ref": "#/definitions/io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions"
@@ -83233,6 +83271,13 @@
"$ref": "#/definitions/io.k8s.api.policy.v1beta1.AllowedHostPath"
}
},
"allowedUnsafeSysctls": {
"description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.",
"type": "array",
"items": {
"type": "string"
}
},
"defaultAddCapabilities": {
"description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.",
"type": "array",
@@ -83244,6 +83289,13 @@
"description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
"type": "boolean"
},
"forbiddenSysctls": {
"description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.",
"type": "array",
"items": {
"type": "string"
}
},
"fsGroup": {
"description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
"$ref": "#/definitions/io.k8s.api.policy.v1beta1.FSGroupStrategyOptions"

25
api/swagger-spec/apps_v1.json generated
View File

@@ -8421,6 +8421,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

25
api/swagger-spec/apps_v1beta1.json generated
View File

@@ -6055,6 +6055,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

25
api/swagger-spec/apps_v1beta2.json generated
View File

@@ -8421,6 +8421,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

25
api/swagger-spec/batch_v1.json generated
View File

@@ -3395,6 +3395,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

25
api/swagger-spec/batch_v1beta1.json generated
View File

@@ -3450,6 +3450,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

25
api/swagger-spec/batch_v2alpha1.json generated
View File

@@ -3450,6 +3450,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},

39
api/swagger-spec/extensions_v1beta1.json generated
View File

@@ -9063,6 +9063,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},
@@ -10392,6 +10417,20 @@
"$ref": "v1beta1.AllowedFlexVolume"
},
"description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field."
},
"allowedUnsafeSysctls": {
"type": "array",
"items": {
"type": "string"
},
"description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc."
},
"forbiddenSysctls": {
"type": "array",
"items": {
"type": "string"
},
"description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc."
}
}
},

14
api/swagger-spec/policy_v1beta1.json generated
View File

@@ -2499,6 +2499,20 @@
"$ref": "v1beta1.AllowedFlexVolume"
},
"description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field."
},
"allowedUnsafeSysctls": {
"type": "array",
"items": {
"type": "string"
},
"description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc."
},
"forbiddenSysctls": {
"type": "array",
"items": {
"type": "string"
},
"description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc."
}
}
},

25
api/swagger-spec/v1.json generated
View File

@@ -21725,6 +21725,31 @@
"type": "integer",
"format": "int64",
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
},
"sysctls": {
"type": "array",
"items": {
"$ref": "v1.Sysctl"
},
"description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch."
}
}
},
"v1.Sysctl": {
"id": "v1.Sysctl",
"description": "Sysctl defines a kernel parameter to be set",
"required": [
"name",
"value"
],
"properties": {
"name": {
"type": "string",
"description": "Name of a property to set"
},
"value": {
"type": "string",
"description": "Value of a property to set"
}
}
},