From 74682d6ebe5567ff5a6aad0f144748f49cce9e29 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Fri, 17 Nov 2017 18:00:44 -0500 Subject: [PATCH 1/8] [dedicated-3.7] Updates for 3.7 install/upgrade Add individual component playbooks info (cherry picked from commit 85ac386099a99f885c9e4d69f5e90181343df891) xref:https://github.com/openshift/openshift-docs/pull/6434 --- _topic_map.yml | 1259 +++++++------ admin_guide/backup_restore.adoc | 315 +++- .../ansible_service_broker.adoc | 34 +- architecture/service_catalog/index.adoc | 18 +- .../template_service_broker.adoc | 9 - .../adding_hosts_to_existing_cluster.adoc | 66 +- install_config/aggregate_logging.adoc | 4 +- install_config/downgrade.adoc | 45 +- install_config/install/advanced_install.adoc | 410 ++-- .../install/disconnected_install.adoc | 44 +- install_config/install/host_preparation.adoc | 34 +- install_config/install/prerequisites.adoc | 119 +- install_config/install/quick_install.adoc | 13 +- .../install/rpm_vs_containerized.adoc | 13 +- .../install/stand_alone_registry.adoc | 2 + .../upgrading/automated_upgrades.adoc | 288 ++- .../upgrading/blue_green_deployments.adoc | 15 - install_config/upgrading/index.adoc | 6 +- install_config/upgrading/manual_upgrades.adoc | 1648 +++++++++++++++++ .../upgrading/migrating_embedded_etcd.adoc | 115 ++ install_config/upgrading/migrating_etcd.adoc | 320 ++++ 21 files changed, 3673 insertions(+), 1104 deletions(-) create mode 100644 install_config/upgrading/manual_upgrades.adoc create mode 100644 install_config/upgrading/migrating_embedded_etcd.adoc create mode 100644 install_config/upgrading/migrating_etcd.adoc diff --git a/_topic_map.yml b/_topic_map.yml index 481f478e0433..40bb623de759 100644 --- a/_topic_map.yml +++ b/_topic_map.yml @@ -25,387 +25,425 @@ Name: About Dir: welcome Distros: openshift-* Topics: - - Name: Welcome - File: index - - Name: Full Revision History - File: revhistory_full - Distros: openshift-enterprise,openshift-dedicated - +- Name: Welcome + File: index +- Name: Full Revision History + File: revhistory_full + Distros: openshift-enterprise,openshift-dedicated --- Name: Release Notes Dir: release_notes Distros: openshift-enterprise,openshift-dedicated,openshift-online Topics: - - Name: Overview - File: index - Distros: openshift-enterprise,openshift-dedicated - - Name: OpenShift Container Platform 3.3 Release Notes - File: ocp_3_3_release_notes - Distros: openshift-enterprise - - Name: Latest Product Updates - File: osd_latest_product_updates - Distros: openshift-dedicated - - Name: OpenShift Online Starter Release Notes - File: online_release_notes - Distros: openshift-online - - Name: Known Issues - File: online_known_issues - Distros: openshift-online - - Name: xPaaS Release Notes - File: xpaas_release_notes - Distros: openshift-enterprise - - Name: Comparing with OpenShift Enterprise 2 - File: v2_vs_v3 - Distros: openshift-enterprise - - Name: Revision History - File: revhistory_release_notes - Distros: openshift-enterprise,openshift-dedicated - +- Name: Overview + File: index + Distros: openshift-enterprise,openshift-dedicated +- Name: OpenShift Container Platform 3.3 Release Notes + File: ocp_3_3_release_notes + Distros: openshift-enterprise +- Name: Latest Product Updates + File: osd_latest_product_updates + Distros: openshift-dedicated +- Name: OpenShift Online Starter Release Notes + File: online_release_notes + Distros: openshift-online +- Name: Known Issues + File: online_known_issues + Distros: openshift-online +- Name: xPaaS Release Notes + File: xpaas_release_notes + Distros: openshift-enterprise +- Name: Comparing with OpenShift Enterprise 2 + File: v2_vs_v3 + Distros: openshift-enterprise +- Name: Revision History + File: revhistory_release_notes + Distros: openshift-enterprise,openshift-dedicated --- Name: What's New? Dir: whats_new Distros: openshift-origin Topics: - - Name: Overview - File: index - - Name: Release Notes - File: ose_3_0_release_notes - Distros: openshift-enterprise - - Name: Applications - File: applications - - Name: Cartridges vs Images - File: carts_vs_images - - Name: Terminology - File: terminology - +- Name: Overview + File: index +- Name: Release Notes + File: ose_3_0_release_notes + Distros: openshift-enterprise +- Name: Applications + File: applications +- Name: Cartridges vs Images + File: carts_vs_images +- Name: Terminology + File: terminology --- Name: Getting Started Dir: getting_started Distros: openshift-* Topics: - - Name: Overview - File: index - - Name: Basic Walkthrough - File: basic_walkthrough - Distros: openshift-online - - Name: Beyond the Basics - File: beyond_the_basics - Distros: openshift-online - - Name: Web Console Walkthrough - File: developers_console - Distros: openshift-enterprise,openshift-dedicated,openshift-origin - - Name: Command-Line Walkthrough - File: developers_cli - Distros: openshift-enterprise,openshift-dedicated,openshift-origin - - Name: Setting Up a Cluster - File: administrators - Distros: openshift-origin,openshift-enterprise - - Name: Administering a Cluster - File: dedicated_administrators - Distros: openshift-dedicated - - Name: Comparing OpenShift 2 and 3 - File: online_v2_vs_v3 - Distros: openshift-online - - Name: Revision History - File: revhistory_getting_started - Distros: openshift-enterprise,openshift-dedicated +- Name: Overview + File: index +- Name: Basic Walkthrough + File: basic_walkthrough + Distros: openshift-online +- Name: Beyond the Basics + File: beyond_the_basics + Distros: openshift-online +- Name: Web Console Walkthrough + File: developers_console + Distros: openshift-enterprise,openshift-dedicated,openshift-origin +- Name: Command-Line Walkthrough + File: developers_cli + Distros: openshift-enterprise,openshift-dedicated,openshift-origin +- Name: Setting Up a Cluster + File: administrators + Distros: openshift-origin,openshift-enterprise +- Name: Administering a Cluster + File: dedicated_administrators + Distros: openshift-dedicated +- Name: Comparing OpenShift 2 and 3 + File: online_v2_vs_v3 + Distros: openshift-online +- Name: Revision History + File: revhistory_getting_started + Distros: openshift-enterprise,openshift-dedicated --- Name: Quickstart Dir: registry_quickstart Distros: atomic-registry Topics: - - Name: Overview - File: index - - Name: Developers - File: developers - - Name: Administrators - Dir: administrators - Topics: - - Name: Overview - File: index - - Name: System Configuration - File: system_configuration - - Name: Uninstall - File: uninstall - +- Name: Overview + File: index +- Name: Developers + File: developers +- Name: Administrators + Dir: administrators + Topics: + - Name: Overview + File: index + - Name: System Configuration + File: system_configuration + - Name: Uninstall + File: uninstall --- Name: Architecture Dir: architecture Topics: - - Name: Overview - File: index - - Name: Infrastructure Components - Dir: infrastructure_components - Topics: - - Name: Kubernetes Infrastructure - File: kubernetes_infrastructure - Distros: openshift-* - - Name: Image Registry - File: image_registry - - Name: Web Console - File: web_console - Distros: openshift-* - - Name: Core Concepts - Dir: core_concepts - Topics: - - Name: Overview - File: index - Distros: openshift-* - - Name: Containers and Images - File: containers_and_images - Distros: openshift-* - - Name: Images - File: containers_and_images - Distros: atomic-* - - Name: Pods and Services - File: pods_and_services - Distros: openshift-* - - Name: Projects and Users - File: projects_and_users - - Name: Builds and Image Streams - File: builds_and_image_streams - Distros: openshift-* - - Name: Image Streams - File: builds_and_image_streams - Distros: atomic-* - - Name: Deployments - File: deployments - Distros: openshift-* - - Name: Templates - File: templates - Alias: dev_guide/templates - Distros: openshift-* - - Name: Additional Concepts - Dir: additional_concepts - Topics: - - Name: Authentication - File: authentication - - Name: Authorization - File: authorization - - Name: Persistent Storage - File: storage - Distros: openshift-* - - Name: Source Control Management - File: scm - Distros: openshift-* - - Name: Admission Controllers - File: admission_controllers - Distros: openshift-enterprise,openshift-origin,openshift-dedicated - - Name: Other API Objects - File: other_api_objects - - Name: Networking - Dir: networking - Topics: - - Name: Networking - File: networking - Distros: openshift-* - - Name: OpenShift SDN - File: sdn - Distros: openshift-* - - Name: Network Plug-ins - File: network_plugins - Distros: openshift-* - - Name: Port Forwarding - File: port_forwarding - Distros: openshift-* - - Name: Remote Commands - File: remote_commands - Distros: openshift-* - - Name: HAProxy Router Plug-in - File: haproxy-router - Distros: openshift-* - - Name: Routes - File: routes - Distros: openshift-* - - Name: Service Catalog Components - Dir: service_catalog - Distros: openshift-enterprise,openshift-origin - Topics: - - Name: Service Catalog - File: index - - Name: Template Service Broker - File: template_service_broker - - Name: Ansible Service Broker - File: ansible_service_broker +- Name: Overview + File: index +- Name: Infrastructure Components + Dir: infrastructure_components + Topics: + - Name: Kubernetes Infrastructure + File: kubernetes_infrastructure + Distros: openshift-* + - Name: Image Registry + File: image_registry + - Name: Web Console + File: web_console + Distros: openshift-* +- Name: Core Concepts + Dir: core_concepts + Topics: + - Name: Overview + File: index + Distros: openshift-* + - Name: Containers and Images + File: containers_and_images + Distros: openshift-* + - Name: Images + File: containers_and_images + Distros: atomic-* + - Name: Pods and Services + File: pods_and_services + Distros: openshift-* + - Name: Projects and Users + File: projects_and_users + - Name: Builds and Image Streams + File: builds_and_image_streams + Distros: openshift-* + - Name: Image Streams + File: builds_and_image_streams + Distros: atomic-* + - Name: Deployments + File: deployments + Distros: openshift-* + - Name: Templates + File: templates + Alias: dev_guide/templates + Distros: openshift-* +- Name: Additional Concepts + Dir: additional_concepts + Topics: + - Name: Authentication + File: authentication + - Name: Authorization + File: authorization + - Name: Persistent Storage + File: storage + Distros: openshift-* + - Name: Source Control Management + File: scm + Distros: openshift-* + - Name: Admission Controllers + File: admission_controllers + Distros: openshift-enterprise,openshift-origin,openshift-dedicated + - Name: Other API Objects + File: other_api_objects +- Name: Networking + Dir: networking + Topics: + - Name: Networking + File: networking + Distros: openshift-* + - Name: OpenShift SDN + File: sdn + Distros: openshift-* + - Name: Network Plug-ins + File: network_plugins + Distros: openshift-* + - Name: Port Forwarding + File: port_forwarding + Distros: openshift-* + - Name: Remote Commands + File: remote_commands + Distros: openshift-* + - Name: HAProxy Router Plug-in + File: haproxy-router + Distros: openshift-* + - Name: Routes + File: routes + Distros: openshift-* +- Name: Service Catalog Components + Dir: service_catalog + Distros: openshift-enterprise,openshift-origin + Topics: + - Name: Service Catalog + File: index + - Name: Template Service Broker + File: template_service_broker + - Name: OpenShift Ansible Broker + File: ansible_service_broker - Name: Revision History File: revhistory_architecture Distros: openshift-enterprise,openshift-dedicated - +--- +Name: Container Security Guide +Dir: security +Distros: openshift-enterprise,openshift-origin +Topics: +- Name: Introduction + File: index +- Name: Container Hosts and Multi-tenancy + File: hosts_multitenancy +- Name: Container Content + File: container_content +- Name: Registries + File: registries +- Name: Build Process + File: build_process +- Name: Deployment + File: deployment +- Name: Securing the Container Platform + File: securing_container_platform +- Name: Network Security + File: network_security +- Name: Attached Storage + File: storage +- Name: Monitoring Events and Logs + File: monitoring +- Name: Revision History + File: revhistory_security + Distros: openshift-enterprise --- Name: Installation and Configuration Dir: install_config Distros: openshift-origin,openshift-enterprise,atomic-* Topics: +- Name: Overview + File: index + Distros: openshift-origin,openshift-enterprise +- Name: Installing a Cluster + Dir: install + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Planning + File: planning + - Name: Prerequisites + File: prerequisites + - Name: Host Preparation + File: host_preparation + - Name: Installing on Containerized Hosts + File: rpm_vs_containerized + - Name: Quick Installation + File: quick_install + - Name: Advanced Installation + File: advanced_install + - Name: Disconnected Installation + File: disconnected_install + Distros: openshift-enterprise + - Name: Installing a Stand-alone Deployment of OpenShift Container Registry + File: stand_alone_registry +- Name: Setting up the Registry + Dir: registry + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Registry Overview + File: index + - Name: Deploying a Registry on Existing Clusters + File: deploy_registry_existing_clusters + - Name: Accessing the Registry + File: accessing_registry + - Name: Securing and Exposing the Registry + File: securing_and_exposing_registry + - Name: Extended Registry Configuration + File: extended_registry_configuration + - Name: Known Issues + File: registry_known_issues +- Name: Setting up a Router + Dir: router + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Router Overview + File: index + - Name: Using the Default HAProxy Router + File: default_haproxy_router + - Name: Deploying a Customized HAProxy Router + File: customized_haproxy_router + - Name: Configuring the HAProxy Router to Use the PROXY Protocol + File: proxy_protocol + - Name: Using the F5 Router Plug-in + File: f5_router +- Name: Deploying Red Hat CloudForms + Dir: cfme + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Introduction + File: index + - Name: Requirements + File: requirements + - Name: Configuring Role Variables + File: role_variables + - Name: Running the Installer + File: installing + - Name: Enabling Container Provider Integration + File: container_provider + - Name: Uninstalling + File: uninstalling +- Name: Upgrading a Cluster + Dir: upgrading + Distros: openshift-origin,openshift-enterprise + Topics: - Name: Overview File: index - Distros: openshift-origin,openshift-enterprise - - Name: Installing a Cluster - Dir: install - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Planning - File: planning - - Name: Prerequisites - File: prerequisites - - Name: Host Preparation - File: host_preparation - - Name: Containerized Components - File: rpm_vs_containerized - - Name: Quick Installation - File: quick_install - - Name: Advanced Installation - File: advanced_install - - Name: Disconnected Installation - File: disconnected_install - Distros: openshift-enterprise - - Name: Installing a Stand-alone Registry - File: stand_alone_registry - - Name: Setting up the Registry - Dir: registry - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Registry Overview - File: index - - Name: Deploying a Registry on Existing Clusters - File: deploy_registry_existing_clusters - - Name: Accessing the Registry - File: accessing_registry - - Name: Securing and Exposing the Registry - File: securing_and_exposing_registry - - Name: Extended Registry Configuration - File: extended_registry_configuration - - Name: Known Issues - File: registry_known_issues - - Name: Setting up a Router - Dir: router - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Router Overview - File: index - - Name: Using the Default HAProxy Router - File: default_haproxy_router - - Name: Deploying a Customized HAProxy Router - File: customized_haproxy_router - - Name: Using the F5 Router Plug-in - File: f5_router - - Name: Upgrading a Cluster - Dir: upgrading - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Overview - File: index - - Name: Automated Upgrades - File: automated_upgrades - - Name: Manual Upgrades - File: manual_upgrades - - Name: Downgrading - File: downgrade - Distros: openshift-enterprise - - Name: Master and Node Configuration - File: master_node_configuration - Distros: openshift-origin,openshift-enterprise - - Name: Loading the Default Image Streams and Templates - File: imagestreams_templates - Distros: openshift-origin,openshift-enterprise - - Name: Configuring Custom Certificates - File: certificate_customization - - Name: Configuring Authentication - File: configuring_authentication - - Name: Syncing Groups With LDAP - File: syncing_groups_with_ldap - Distros: openshift-origin,openshift-enterprise,atomic-registry - - Name: Configuring the SDN - File: configuring_sdn - Distros: openshift-origin,openshift-enterprise - - Name: Configuring for AWS - File: configuring_aws - Distros: openshift-origin,openshift-enterprise - - Name: Configuring for OpenStack - File: configuring_openstack - Distros: openshift-origin,openshift-enterprise - - Name: Configuring for GCE - File: configuring_gce - Distros: openshift-origin,openshift-enterprise - - Name: Configuring for Azure - File: configuring_azure - Distros: openshift-origin,openshift-enterprise - - Name: Configuring Persistent Storage - Dir: persistent_storage - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Overview - File: index - - Name: Using NFS - File: persistent_storage_nfs - - Name: Using GlusterFS - File: persistent_storage_glusterfs - - Name: Using OpenStack Cinder - File: persistent_storage_cinder - - Name: Using Ceph RBD - File: persistent_storage_ceph_rbd - - Name: Using AWS Elastic Block Store - File: persistent_storage_aws - - Name: Using GCE Persistent Disk - File: persistent_storage_gce - - Name: Using iSCSI - File: persistent_storage_iscsi - - Name: Using Fibre Channel - File: persistent_storage_fibre_channel - - Name: Dynamic Provisioning - File: dynamically_provisioning_pvs - - Name: Using Azure Disk - File: persistent_storage_azure - - Name: Using Azure File - File: persistent_storage_azure_file - - Name: Dynamic Provisioning and Creating Storage Classes - File: dynamically_provisioning_pvs - - Name: Volume Security - File: pod_security_context - - Name: Persistent Storage Examples - Dir: storage_examples - Distros: openshift-origin,openshift-enterprise - Topics: - - Name: Overview - File: index - - Name: Sharing an NFS PV across two PVCs - File: shared_storage - - Name: Complete Example Using Ceph RBD - File: ceph_example - - Name: Complete Example Using GlusterFS - File: gluster_example - - Name: Backing Docker Registry with GlusterFS Storage - File: gluster_backed_registry - - Name: Working with HTTP Proxies - File: http_proxies - Distros: openshift-origin,openshift-enterprise - - Name: Configuring Global Build Defaults and Overrides - File: build_defaults_overrides - Distros: openshift-origin,openshift-enterprise - - Name: Configuring Pipeline Execution - File: configuring_pipeline_execution - Distros: openshift-origin,openshift-enterprise - - Name: Native Container Routing - File: native_container_routing - Distros: openshift-origin,openshift-enterprise - - Name: Routing from Edge Load Balancers - File: routing_from_edge_lb - Distros: openshift-origin,openshift-enterprise - - Name: Aggregating Container Logs - File: aggregate_logging - Distros: openshift-origin,openshift-enterprise - - Name: Aggregate Logging Sizing Guidelines - File: aggregate_logging_sizing - Distros: openshift-origin,openshift-enterprise - - Name: Enabling Cluster Metrics - File: cluster_metrics - Distros: openshift-origin,openshift-enterprise - - Name: Customizing the Web Console - File: web_console_customization - Distros: openshift-origin,openshift-enterprise,atomic-* - - Name: Revision History - File: revhistory_install_config - Distros: openshift-enterprise - + - Name: Automated In-place Upgrades + File: automated_upgrades + - Name: Manual In-place Upgrades + File: manual_upgrades + - Name: Blue-Green Deployments + File: blue_green_deployments + - Name: Operating System Updates and Upgrades + File: os_upgrades + - Name: Migrating Embedded etcd to External etcd + File: migrating_embedded_etcd + - Name: Migrating etcd Data (v2 to v3) + File: migrating_etcd +- Name: Downgrading + File: downgrade + Distros: openshift-enterprise +- Name: Master and Node Configuration + File: master_node_configuration + Distros: openshift-origin,openshift-enterprise +- Name: Adding Hosts to an Existing Cluster + File: adding_hosts_to_existing_cluster +- Name: Loading the Default Image Streams and Templates + File: imagestreams_templates + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Custom Certificates + File: certificate_customization +- Name: Redeploying Certificates + File: redeploying_certificates +- Name: Configuring Authentication and User Agent + File: configuring_authentication +- Name: Syncing Groups With LDAP + File: syncing_groups_with_ldap +- Name: Advanced LDAP Configuration + Dir: advanced_ldap_configuration + Distros: openshift-origin,openshift-enterprise,atomic-registry + Topics: + - Name: Overview + File: index + - Name: Setting up SSSD for LDAP Failover + File: sssd_for_ldap_failover + - Name: Configuring Form-Based Authentication + File: configuring_form_based_authentication + - Name: Configuring Extended LDAP Attributes + File: configuring_extended_ldap_attributes +- Name: Configuring the SDN + File: configuring_sdn + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Nuage SDN + File: configuring_nuagesdn + Distros: openshift-origin,openshift-enterprise +- Name: Configuring for AWS + File: configuring_aws + Distros: openshift-origin,openshift-enterprise +- Name: Configuring for OpenStack + File: configuring_openstack + Distros: openshift-origin,openshift-enterprise +- Name: Configuring for GCE + File: configuring_gce + Distros: openshift-origin,openshift-enterprise +- Name: Configuring for Azure + File: configuring_azure + Distros: openshift-origin,openshift-enterprise +- Name: Configuring for VMWare vSphere + File: configuring_vsphere +- Name: Configuring for local Volume + File: configuring_local +- Name: Configuring Persistent Storage + Dir: persistent_storage + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Overview + File: index + - Name: Using NFS + File: persistent_storage_nfs + - Name: Using GlusterFS + File: persistent_storage_glusterfs + - Name: Using OpenStack Cinder + File: persistent_storage_cinder + - Name: Using Ceph RBD + File: persistent_storage_ceph_rbd + - Name: Using AWS Elastic Block Store + File: persistent_storage_aws + - Name: Using GCE Persistent Disk + File: persistent_storage_gce + - Name: Using iSCSI + File: persistent_storage_iscsi + - Name: Using Fibre Channel + File: persistent_storage_fibre_channel + - Name: Using Azure Disk + File: persistent_storage_azure + - Name: Using Azure File + File: persistent_storage_azure_file + - Name: Using FlexVolume + File: persistent_storage_flex_volume + - Name: Using VMWare vSphere + File: persistent_storage_vsphere + - Name: Using Local Volume + File: persistent_storage_local + - Name: Dynamic Provisioning and Creating Storage Classes + File: dynamically_provisioning_pvs + - Name: Volume Security + File: pod_security_context + - Name: Selector-Label Volume Binding + File: selector_label_binding + - Name: Enabling Controller-managed Attachment and Detachment + File: enabling_controller_attach_detach +- Name: Persistent Storage Examples + Dir: storage_examples + Distros: openshift-origin,openshift-enterprise + Topics: --- Name: Cluster Administration Dir: admin_guide @@ -496,299 +534,292 @@ Topics: - Name: Revision History File: revhistory_admin_guide Distros: openshift-enterprise,openshift-dedicated - --- Name: User Guide Dir: dev_guide Distros: atomic-* Topics: - - Name: Overview - File: index - - Name: Authentication - File: authentication - - Name: Managing Images - File: managing_images - - Name: Service Accounts - File: service_accounts - +- Name: Overview + File: index +- Name: Authentication + File: authentication +- Name: Managing Images + File: managing_images +- Name: Service Accounts + File: service_accounts --- Name: CLI Reference Dir: cli_reference Distros: openshift-*,atomic-* Topics: - - Name: Overview - File: index - - Name: Get Started with the CLI - File: get_started_cli - - Name: Managing CLI Profiles - File: manage_cli_profiles - - Name: Developer CLI Operations - File: basic_cli_operations - Distros: openshift-* - - Name: Administrator CLI Operations - File: admin_cli_operations - Distros: openshift-enterprise,openshift-dedicated,openshift-origin - - Name: Revision History - File: revhistory_cli_reference - Distros: openshift-enterprise,openshift-dedicated - +- Name: Overview + File: index +- Name: Get Started with the CLI + File: get_started_cli +- Name: Managing CLI Profiles + File: manage_cli_profiles +- Name: Developer CLI Operations + File: basic_cli_operations + Distros: openshift-* +- Name: Administrator CLI Operations + File: admin_cli_operations + Distros: openshift-enterprise,openshift-dedicated,openshift-origin +- Name: Revision History + File: revhistory_cli_reference + Distros: openshift-enterprise,openshift-dedicated --- Name: Developer Guide Dir: dev_guide Distros: openshift-* Topics: - - Name: Overview - File: index - - Name: Application Life Cycle Management - Dir: application_lifecycle - Topics: - - Name: Planning Your Development Process - File: development_process - - Name: Creating New Applications - File: new_app - - Name: Promoting Applications Across Environments - File: promoting_applications - - Name: Authentication - File: authentication - - Name: Authorization - File: authorization - - Name: Projects - File: projects - - Name: Migrating Applications - Dir: migrating_applications - Topics: - - Name: Overview - File: index - - Name: Database Applications - File: database_applications - - Name: Web Framework Applications - File: web_framework_applications - - Name: QuickStart Examples - File: quickstart_examples - - Name: Continuous Integration and Deployment - File: continuous_integration_and_deployment - - Name: Webhooks and Action Hooks - File: web_hooks_action_hooks - - Name: S2I Tool - File: S2I_tool - - Name: Support Guide - File: support_guide - - Name: Tutorials - Dir: dev_tutorials - Topics: - - Name: Overview - File: index - - Name: Quickstart Templates - File: quickstarts - - Name: Ruby on Rails - File: ruby_on_rails - - Name: Setting Up a Nexus Mirror - File: maven_tutorial - - Name: OpenShift Pipeline Builds - File: openshift_pipeline - - Name: Binary Builds - File: binary_builds - - Name: Builds - Dir: builds - Topics: - - Name: How Builds Work - File: index - - Name: Basic Build Operations - File: basic_build_operations - - Name: Build Inputs - File: build_inputs - - Name: Build Output - File: build_output - - Name: Build Strategy Options - File: build_strategies - - Name: Build Environment - File: build_environment - - Name: Triggering Builds - File: triggering_builds - - Name: Build Hooks - File: build_hooks - - Name: Build Run Policy - File: build_run_policy - - Name: Advanced Build Operations - File: advanced_build_operations - - Name: Troubleshooting - File: build_troubleshooting - - Name: Deployments - Dir: deployments - Topics: - - Name: How Deployments Work - File: how_deployments_work - - Name: Basic Deployment Operations - File: basic_deployment_operations - - Name: Deployment Strategies - File: deployment_strategies - - Name: Advanced Deployment Strategies - File: advanced_deployment_strategies - - Name: Kubernetes Deployments Support - File: kubernetes_deployments - Distros: openshift-enterprise,openshift-origin,openshift-dedicated - - Name: Templates - File: templates - - Name: Opening a Remote Shell to Containers - File: ssh_environment - - Name: Service Accounts - File: service_accounts - - Name: Managing Images - File: managing_images - - Name: Image Signatures - File: image_signatures - Distros: openshift-origin,openshift-enterprise - - Name: Quotas and Limit Ranges - File: compute_resources - - Name: Getting Traffic Into The Cluster - File: getting_traffic_into_cluster - Distros: openshift-enterprise,openshift-origin - - Name: Routes - File: routes - - Name: Integrating External Services - File: integrating_external_services - - Name: Secrets - File: secrets - - Name: ConfigMaps - File: configmaps - - Name: Using Daemonsets - File: daemonsets - Distros: openshift-enterprise,openshift-dedicated,openshift-origin - - Name: Pod Autoscaling - File: pod_autoscaling - - Name: Managing Volumes - File: volumes - - Name: Using Persistent Volumes - File: persistent_volumes - - Name: Executing Remote Commands - File: executing_remote_commands - - Name: Copying Files - File: copy_files_to_container - - Name: Port Forwarding - File: port_forwarding - - Name: Shared Memory - File: shared_memory - - Name: Application Health - File: application_health - - Name: Events - File: events - - Name: Downward API - File: downward_api - - Name: Managing Environment Variables - File: environment_variables - - Name: Jobs - File: jobs - Distros: openshift-enterprise,openshift-dedicated,openshift-origin,openshift-online - - Name: OpenShift Pipeline - File: openshift_pipeline - - Name: Cron Jobs - File: cron_jobs - Distros: openshift-enterprise,openshift-dedicated,openshift-origin,openshift-online - - Name: Create from URL - File: create_from_url - - Name: Revision History - File: revhistory_dev_guide - Distros: openshift-enterprise,openshift-dedicated - +- Name: Overview + File: index +- Name: Application Life Cycle Management + Dir: application_lifecycle + Topics: + - Name: Planning Your Development Process + File: development_process + - Name: Creating New Applications + File: new_app + - Name: Promoting Applications Across Environments + File: promoting_applications +- Name: Authentication + File: authentication +- Name: Authorization + File: authorization +- Name: Projects + File: projects +- Name: Migrating Applications + Dir: migrating_applications + Topics: + - Name: Overview + File: index + - Name: Database Applications + File: database_applications + - Name: Web Framework Applications + File: web_framework_applications + - Name: QuickStart Examples + File: quickstart_examples + - Name: Continuous Integration and Deployment + File: continuous_integration_and_deployment + - Name: Webhooks and Action Hooks + File: web_hooks_action_hooks + - Name: S2I Tool + File: S2I_tool + - Name: Support Guide + File: support_guide +- Name: Tutorials + Dir: dev_tutorials + Topics: + - Name: Overview + File: index + - Name: Quickstart Templates + File: quickstarts + - Name: Ruby on Rails + File: ruby_on_rails + - Name: Setting Up a Nexus Mirror + File: maven_tutorial + - Name: OpenShift Pipeline Builds + File: openshift_pipeline + - Name: Binary Builds + File: binary_builds +- Name: Builds + Dir: builds + Topics: + - Name: How Builds Work + File: index + - Name: Basic Build Operations + File: basic_build_operations + - Name: Build Inputs + File: build_inputs + - Name: Build Output + File: build_output + - Name: Build Strategy Options + File: build_strategies + - Name: Build Environment + File: build_environment + - Name: Triggering Builds + File: triggering_builds + - Name: Build Hooks + File: build_hooks + - Name: Build Run Policy + File: build_run_policy + - Name: Advanced Build Operations + File: advanced_build_operations + - Name: Troubleshooting + File: build_troubleshooting +- Name: Deployments + Dir: deployments + Topics: + - Name: How Deployments Work + File: how_deployments_work + - Name: Basic Deployment Operations + File: basic_deployment_operations + - Name: Deployment Strategies + File: deployment_strategies + - Name: Advanced Deployment Strategies + File: advanced_deployment_strategies + - Name: Kubernetes Deployments Support + File: kubernetes_deployments + Distros: openshift-enterprise,openshift-origin,openshift-dedicated +- Name: Templates + File: templates +- Name: Opening a Remote Shell to Containers + File: ssh_environment +- Name: Service Accounts + File: service_accounts +- Name: Managing Images + File: managing_images +- Name: Image Signatures + File: image_signatures + Distros: openshift-origin,openshift-enterprise +- Name: Quotas and Limit Ranges + File: compute_resources +- Name: Getting Traffic Into The Cluster + File: getting_traffic_into_cluster + Distros: openshift-enterprise,openshift-origin +- Name: Routes + File: routes +- Name: Integrating External Services + File: integrating_external_services +- Name: Secrets + File: secrets +- Name: ConfigMaps + File: configmaps +- Name: Using Daemonsets + File: daemonsets + Distros: openshift-enterprise,openshift-dedicated,openshift-origin +- Name: Pod Autoscaling + File: pod_autoscaling +- Name: Managing Volumes + File: volumes +- Name: Using Persistent Volumes + File: persistent_volumes +- Name: Executing Remote Commands + File: executing_remote_commands +- Name: Copying Files + File: copy_files_to_container +- Name: Port Forwarding + File: port_forwarding +- Name: Shared Memory + File: shared_memory +- Name: Application Health + File: application_health +- Name: Events + File: events +- Name: Downward API + File: downward_api +- Name: Managing Environment Variables + File: environment_variables +- Name: Jobs + File: jobs + Distros: openshift-enterprise,openshift-dedicated,openshift-origin,openshift-online +- Name: OpenShift Pipeline + File: openshift_pipeline +- Name: Cron Jobs + File: cron_jobs + Distros: openshift-enterprise,openshift-dedicated,openshift-origin,openshift-online +- Name: Create from URL + File: create_from_url +- Name: Revision History + File: revhistory_dev_guide + Distros: openshift-enterprise,openshift-dedicated --- Name: Creating Images Dir: creating_images Distros: openshift-* Topics: - - Name: Overview - File: index - - Name: Guidelines - File: guidelines - - Name: Image Metadata - File: metadata - - Name: S2I Requirements - File: s2i - - Name: Testing S2I Images - File: s2i_testing - - Name: Custom Builder - File: custom - Distros: openshift-enterprise,openshift-dedicated,openshift-origin - - Name: Revision History - File: revhistory_creating_images - Distros: openshift-enterprise,openshift-dedicated - +- Name: Overview + File: index +- Name: Guidelines + File: guidelines +- Name: Image Metadata + File: metadata +- Name: S2I Requirements + File: s2i +- Name: Testing S2I Images + File: s2i_testing +- Name: Custom Builder + File: custom + Distros: openshift-enterprise,openshift-dedicated,openshift-origin +- Name: Revision History + File: revhistory_creating_images + Distros: openshift-enterprise,openshift-dedicated --- Name: Using Images Dir: using_images Distros: openshift-* Topics: - - Name: Overview - File: index - Distros: openshift-online,openshift-enterprise,openshift-dedicated - - Name: Source-to-Image (S2I) - Dir: s2i_images - Topics: - - Name: Overview - File: index - - Name: Java - File: java - Distros: openshift-origin,openshift-online - - Name: .NET Core - File: dot_net_core - Distros: openshift-online,openshift-enterprise,openshift-dedicated - - Name: Node.js - File: nodejs - - Name: Perl - File: perl - - Name: PHP - File: php - - Name: Python - File: python - - Name: Ruby - File: ruby - - Name: Customizing S2I Images - File: customizing_s2i_images - - Name: Database Images - Dir: db_images - Topics: - - Name: Overview - File: index - - Name: MySQL - File: mysql - - Name: PostgreSQL - File: postgresql - - Name: MongoDB - File: mongodb - - Name: MariaDB - File: mariadb - - Name: Docker Images - Dir: docker_images - Topics: - - Name: Overview - File: index - - Name: Other Images - Dir: other_images - Topics: - - Name: Overview - File: index - - Name: Jenkins - File: jenkins - - Name: xPaaS Middleware Images - Dir: xpaas_images - Distros: openshift-online,openshift-enterprise,openshift-dedicated - Topics: - - Name: Overview - File: index - - Name: Revision History - File: revhistory_using_images - Distros: openshift-enterprise,openshift-dedicated - - +- Name: Overview + File: index + Distros: openshift-online,openshift-enterprise,openshift-dedicated +- Name: Source-to-Image (S2I) + Dir: s2i_images + Topics: + - Name: Overview + File: index + - Name: Java + File: java + Distros: openshift-origin,openshift-online + - Name: .NET Core + File: dot_net_core + Distros: openshift-online,openshift-enterprise,openshift-dedicated + - Name: Node.js + File: nodejs + - Name: Perl + File: perl + - Name: PHP + File: php + - Name: Python + File: python + - Name: Ruby + File: ruby + - Name: Customizing S2I Images + File: customizing_s2i_images +- Name: Database Images + Dir: db_images + Topics: + - Name: Overview + File: index + - Name: MySQL + File: mysql + - Name: PostgreSQL + File: postgresql + - Name: MongoDB + File: mongodb + - Name: MariaDB + File: mariadb +- Name: Docker Images + Dir: docker_images + Topics: + - Name: Overview + File: index +- Name: Other Images + Dir: other_images + Topics: + - Name: Overview + File: index + - Name: Jenkins + File: jenkins +- Name: xPaaS Middleware Images + Dir: xpaas_images + Distros: openshift-online,openshift-enterprise,openshift-dedicated + Topics: + - Name: Overview + File: index +- Name: Revision History + File: revhistory_using_images + Distros: openshift-enterprise,openshift-dedicated --- Name: REST API Reference Dir: rest_api Topics: - - Name: Overview - File: index - - Name: OpenShift v1 - File: openshift_v1 - - Name: Kubernetes v1 - File: kubernetes_v1 - - Name: Revision History - File: revhistory_rest_api - Distros: openshift-enterprise,openshift-dedicated +- Name: Overview + File: index +- Name: OpenShift v1 + File: openshift_v1 +- Name: Kubernetes v1 + File: kubernetes_v1 +- Name: Revision History + File: revhistory_rest_api + Distros: openshift-enterprise,openshift-dedicated diff --git a/admin_guide/backup_restore.adoc b/admin_guide/backup_restore.adoc index 62cc8046792b..428f33c90c77 100644 --- a/admin_guide/backup_restore.adoc +++ b/admin_guide/backup_restore.adoc @@ -38,8 +38,8 @@ nodes they get rescheduled to. [[backup-restore-prerequisites]] == Prerequisites -. Because the restore procedure involves a xref:cluster-restore[complete -reinstallation], save all the files used in the initial installation. This may +. Because the restore procedure involves a complete +reinstallation, save all the files used in the initial installation. This may include: + - *_~/.config/openshift/installer.cfg.yml_* (from the @@ -73,13 +73,17 @@ following sections), which depends on how *etcd* is deployed. |all-in-one cluster |*_/var/lib/openshift/openshift.local.etcd_* -|external etcd (not on master) +|external etcd (located either on a master or another host) |*_/var/lib/etcd_* -|embedded etcd (on master) -|*_/var/lib/origin/etcd_* |=== +[WARNING] +==== +Embedded etcd is no longer supported starting with {product-title} 3.7. See +xref:../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating Embedded etcd to External etcd] for details. +==== + [[cluster-backup]] == Cluster Backup @@ -132,8 +136,14 @@ For a container-based installation, you must use `docker exec` to run *etcdctl* inside the container. ==== -[[cluster-restore]] -== Cluster Restore +. Copy the *_db_* file over to the backup you created: ++ +---- +# cp "$ETCD_DATA_DIR"/member/snap/db "$ETCD_DATA_DIR.bak"/member/snap/db +---- + +[[registry-certificates-backup]] +=== Registry Certificates Backup [NOTE] ==== @@ -166,6 +176,297 @@ that {product-title} was previously installed. # chown -R etcd:etcd $ETCD_DATA_DIR ---- +. Create the new single node cluster using etcd's `--force-new-cluster` option. +You can do this using the values from *_/etc/etcd/etcd.conf_*, or you can +temporarily modify the *systemd* unit file and start the service normally. ++ +To do so, edit the *_/usr/lib/systemd/system/etcd.service_* file, and add +`--force-new-cluster`: ++ +---- +# sed -i '/ExecStart/s/"$/ --force-new-cluster"/' /usr/lib/systemd/system/etcd.service +# systemctl show etcd.service --property ExecStart --no-pager + +ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --force-new-cluster" +---- ++ +Then, restart the *etcd* service: ++ +---- +# systemctl daemon-reload +# systemctl start etcd +---- + +. Verify the *etcd* service started correctly, then re-edit the +*_/usr/lib/systemd/system/etcd.service_* file and remove the +`--force-new-cluster` option: ++ +---- +# sed -i '/ExecStart/s/ --force-new-cluster//' /usr/lib/systemd/system/etcd.service +# systemctl show etcd.service --property ExecStart --no-pager + +ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd" +---- + +. Restart the *etcd* service, then verify the etcd cluster is running correctly +and displays {product-title}'s configuration: ++ +---- +# systemctl daemon-reload +# systemctl restart etcd +---- + +[[cluster-restore-multiple-member-etcd-clusters]] +== Cluster Restore for Multiple-member etcd Clusters + +When using an external etcd host, you must first restore the etcd backup +by creating a new, single node etcd cluster. If using external etcd with +multiple members, you must then also add any additional etcd members to the +cluster one by one. + +Choose a system to be the initial etcd member, and restore its etcd backup and +configuration: + +. Run the following on the etcd host: ++ +---- +# ETCD_DIR=/var/lib/etcd/ +# mv $ETCD_DIR /var/lib/etcd.orig +# cp -Rp /var/lib/origin/etcd-backup-/ $ETCD_DIR +# chcon -R --reference /var/lib/etcd.orig/ $ETCD_DIR +# chown -R etcd:etcd $ETCD_DIR +---- + +. Restore your *_/etc/etcd/etcd.conf_* file from backup or *_.rpmsave_*. + +. Depending on your environment, follow the instructions for +xref:backup-containerized-etcd-deployments[Containerized etcd Deployments] or +xref:backup-non-containerized-etcd-deployments[Non-Containerized etcd +Deployments]. + +[[backup-containerized-etcd-deployments]] +=== Containerized etcd Deployments + +. Create the new single node cluster using etcd's `--force-new-cluster` +option. You can do this with a long, complex command using the values from +*_/etc/etcd/etcd.conf_*, or you can temporarily modify the *systemd* unit file +and start the service normally. ++ +To do so, edit the *_/etc/systemd/system/etcd_container.service_* file, and add +`--force-new-cluster`: ++ +---- +# sed -i '/ExecStart=/s/$/ --force-new-cluster/' /etc/systemd/system/etcd_container.service + +ExecStart=/usr/bin/docker run --name etcd --rm -v \ +/var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:ro --env-file=/etc/etcd/etcd.conf \ +--net=host --entrypoint=/usr/bin/etcd rhel7/etcd:3.1.9 --force-new-cluster +---- ++ +Then, restart the *etcd* service: ++ +---- +# systemctl daemon-reload +# systemctl start etcd_container +---- + +. Verify the *etcd* service started correctly, then re-edit the +*_/etc/systemd/system/etcd_container.service_* file and remove the +`--force-new-cluster` option: ++ +---- +# sed -i '/ExecStart=/s/ --force-new-cluster//' /etc/systemd/system/etcd_container.service + +ExecStart=/usr/bin/docker run --name etcd --rm -v /var/lib/etcd:/var/lib/etcd:z -v \ +/etc/etcd:/etc/etcd:ro --env-file=/etc/etcd/etcd.conf --net=host \ +--entrypoint=/usr/bin/etcd rhel7/etcd:3.1.9 +---- + +. Restart the *etcd* service, then verify the etcd cluster is running correctly +and displays {product-title}'s configuration: ++ +---- +# systemctl daemon-reload +# systemctl restart etcd_container +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.16.4.18:2379,https://172.16.4.27:2379" \ + ls / +---- + +. If you have additional etcd members to add to your cluster, continue to +xref:adding-addtl-etcd-members[Adding Additional etcd Members]. +Otherwise, if you only want a single node external etcd, continue to +xref:bringing-openshift-services-back-online[Bringing {product-title} +Services Back Online]. + +[[backup-non-containerized-etcd-deployments]] +=== Non-Containerized etcd Deployments + +. Create the new single node cluster using etcd's `--force-new-cluster` +option. You can do this with a long, complex command using the values from +*_/etc/etcd/etcd.conf_*, or you can temporarily modify the *systemd* unit file +and start the service normally. ++ +To do so, edit the *_/usr/lib/systemd/system/etcd.service_* file, and add +`--force-new-cluster`: ++ +---- +# sed -i '/ExecStart/s/"$/ --force-new-cluster"/' /usr/lib/systemd/system/etcd.service +# systemctl show etcd.service --property ExecStart --no-pager + +ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --force-new-cluster" +---- ++ +Then restart the *etcd* service: ++ +---- +# systemctl daemon-reload +# systemctl start etcd +---- + +. Verify the *etcd* service started correctly, then re-edit the +*_/usr/lib/systemd/system/etcd.service_* file and remove the +`--force-new-cluster` option: ++ +---- +# sed -i '/ExecStart/s/ --force-new-cluster//' /usr/lib/systemd/system/etcd.service +# systemctl show etcd.service --property ExecStart --no-pager + +ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd" +---- + +. Restart the *etcd* service, then verify the etcd cluster is running correctly +and displays {product-title}'s configuration: ++ +---- +# systemctl daemon-reload +# systemctl restart etcd +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.16.4.18:2379,https://172.16.4.27:2379" \ + ls / +---- + +. If you have additional etcd members to add to your cluster, continue to +xref:adding-addtl-etcd-members[Adding Additional etcd Members]. +Otherwise, if you only want a single node external etcd, continue to +xref:bringing-openshift-services-back-online[Bringing {product-title} +Services Back Online]. + +[[adding-addtl-etcd-members]] +=== Adding Additional etcd Members + +To add additional etcd members to the cluster, you must first adjust the default +*localhost* peer in the `*peerURLs*` value for the first member: + +. Get the member ID for the first member using the `member list` command: ++ +---- +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.18.1.18:2379,https://172.18.9.202:2379,https://172.18.0.75:2379" \ + member list +---- + +. Update the value of `*peerURLs*` using the `etcdctl member update` command by +passing the member ID obtained from the previous step: ++ +---- +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.18.1.18:2379,https://172.18.9.202:2379,https://172.18.0.75:2379" \ + member update 511b7fb6cc0001 https://172.18.1.18:2380 +---- ++ +Alternatively, you can use `curl`: ++ +---- +# curl --cacert /etc/etcd/ca.crt \ + --cert /etc/etcd/peer.crt \ + --key /etc/etcd/peer.key \ + https://172.18.1.18:2379/v2/members/511b7fb6cc0001 \ + -XPUT -H "Content-Type: application/json" \ + -d '{"peerURLs":["https://172.18.1.18:2380"]}' +---- + +. Re-run the `member list` command and ensure the peer URLs no longer include +*localhost*. + +. Now, add each additional member to the cluster one at a time. ++ +[WARNING] +==== +Each member must be fully added and brought online one at a time. When adding +each additional member to the cluster, the `*peerURLs*` list must be correct for +that point in time, so it will grow by one for each member added. The `etcdctl +member add` command will output the values that need to be set in the +*_etcd.conf_* file as you add each member, as described in the following +instructions. +==== + +.. For each member, add it to the cluster using the values that can be found in +that system's *_etcd.conf_* file: ++ +---- +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.16.4.18:2379,https://172.16.4.27:2379" \ + member add 10.3.9.222 https://172.16.4.27:2380 + +Added member named 10.3.9.222 with ID 4e1db163a21d7651 to cluster + +ETCD_NAME="10.3.9.222" +ETCD_INITIAL_CLUSTER="10.3.9.221=https://172.16.4.18:2380,10.3.9.222=https://172.16.4.27:2380" +ETCD_INITIAL_CLUSTER_STATE="existing" +---- + +.. Using the environment variables provided in the output of the above `etcdctl +member add` command, edit the *_/etc/etcd/etcd.conf_* file on the member system +itself and ensure these settings match. + +.. Now start etcd on the new member: ++ +---- +# rm -rf /var/lib/etcd/member +# systemctl enable etcd +# systemctl start etcd +---- + +.. Ensure the service starts correctly and the etcd cluster is now healthy: ++ +---- +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.16.4.18:2379,https://172.16.4.27:2379" \ + member list + +51251b34b80001: name=10.3.9.221 peerURLs=https://172.16.4.18:2380 clientURLs=https://172.16.4.18:2379 +d266df286a41a8a4: name=10.3.9.222 peerURLs=https://172.16.4.27:2380 clientURLs=https://172.16.4.27:2379 + +# etcdctl --cert-file=/etc/etcd/peer.crt \ + --key-file=/etc/etcd/peer.key \ + --ca-file=/etc/etcd/ca.crt \ + --peers="https://172.16.4.18:2379,https://172.16.4.27:2379" \ + cluster-health + +cluster is healthy +member 51251b34b80001 is healthy +member d266df286a41a8a4 is healthy +---- + +.. Now repeat this process for the next member to add to the cluster. + +. After all additional etcd members have been added, continue to +xref:bringing-openshift-services-back-online[Bringing {product-title} +Services Back Online]. + [[backup-restore-adding-etcd-hosts]] == Adding New etcd Hosts diff --git a/architecture/service_catalog/ansible_service_broker.adoc b/architecture/service_catalog/ansible_service_broker.adoc index 11cb4b85c5d2..b10b041460de 100644 --- a/architecture/service_catalog/ansible_service_broker.adoc +++ b/architecture/service_catalog/ansible_service_broker.adoc @@ -1,5 +1,5 @@ [[arch-ansible-service-broker]] -= Ansible Service Broker += OpenShift Ansible Broker {product-author} {product-version} :data-uri: @@ -12,31 +12,23 @@ toc::[] == Overview -[NOTE] -==== -The service catalog is currently a Technology Preview feature. -//// -ifdef::openshift-origin,openshift-enterprise[] -To opt-in during installation or upgrade, see Installation & Configuration (TODO link). -endif::[] -//// -==== +The OpenShift Ansible broker (OAB) is an implementation of the Open Service +Broker (OSB) API that manages applications defined by +xref:service-catalog-apb[_Ansible playbook bundles (APBs)_]. APBs provide a new +method for defining and distributing container applications in {product-title}, +consisting of a bundle of Ansible playbooks built into a container image with an +Ansible runtime. APBs leverage Ansible to create a standard mechanism for +automating complex deployments. -The Ansible service broker (ASB) is an implementation of the OSB API that -manages applications defined by xref:service-catalog-apb[_Ansible playbook bundles (APBs)_]. APBs provide a new method for defining and distributing -container applications in {product-title}, consisting of a bundle of Ansible -playbooks built into a container image with an Ansible runtime. APBs leverage -Ansible to create a standard mechanism for automating complex deployments. - -The design of the ASB follows this basic workflow: +The design of the OAB follows this basic workflow: . A user requests list of available applications from the service catalog using the {product-title} web console. -. The service catalog requests the ASB for available applications. -. The ASB communicates with a defined container registry to learn which APBs are +. The service catalog requests the OAB for available applications. +. The OAB communicates with a defined container registry to learn which APBs are available. . The user issues a request to provision a specific APB. -. The provision request makes its way to the ASB, which fulfills the user's +. The provision request makes its way to the OAB, which fulfills the user's request by invoking the provision method on the APB. [[service-catalog-apb]] @@ -118,7 +110,7 @@ generating credentials. Playbook to revoke access to this service. The required named playbooks correspond to methods defined by the OSB API. For -example, when the ASB needs to provision an APB, it will execute the +example, when the OAB needs to provision an APB, it will execute the *_provision.yml_*. After the required named playbooks have been generated, the files can be used diff --git a/architecture/service_catalog/index.adoc b/architecture/service_catalog/index.adoc index 29e6385b3e2a..8eb95f35ac92 100644 --- a/architecture/service_catalog/index.adoc +++ b/architecture/service_catalog/index.adoc @@ -13,16 +13,6 @@ toc::[] [[service-catalog-overview]] == Overview -[NOTE] -==== -The service catalog is currently a Technology Preview feature. -//// -ifdef::openshift-origin,openshift-enterprise[] -To opt-in during installation or upgrade, see Installation & Configuration (TODO link). -endif::[] -//// -==== - When developing microservices-based applications to run on cloud native platforms, there are many ways to provision different resources and share their coordinates, credentials, and configuration, depending on the service @@ -189,11 +179,5 @@ spec: {product-title} provides the following service brokers for use with the service catalog. -[NOTE] -==== -Because the service catalog is currently Technology Preview, the provided -service brokers are also currently Technology Preview. -==== - - xref:../../architecture/service_catalog/template_service_broker.adoc#arch-template-service-broker[Template Service Broker] -- xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[Ansible Service Broker] +- xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift Ansible Broker] diff --git a/architecture/service_catalog/template_service_broker.adoc b/architecture/service_catalog/template_service_broker.adoc index 9e4de9b93f5c..f95ba717b75a 100644 --- a/architecture/service_catalog/template_service_broker.adoc +++ b/architecture/service_catalog/template_service_broker.adoc @@ -10,15 +10,6 @@ toc::[] {nbsp} + -[NOTE] -==== -The service catalog is currently a Technology Preview feature. -//// -ifdef::openshift-origin,openshift-enterprise[] -To opt-in during installation or upgrade, see Installation & Configuration (TODO link). -endif::[] -//// -==== The _template service broker_ (TSB) gives the service catalog visibility into the xref:../../dev_guide/templates.adoc#using-the-instantapp-templates[default Instant App and Quickstart templates] that have shipped with {product-title} diff --git a/install_config/adding_hosts_to_existing_cluster.adoc b/install_config/adding_hosts_to_existing_cluster.adoc index a67de6c77e8c..8063403fed49 100644 --- a/install_config/adding_hosts_to_existing_cluster.adoc +++ b/install_config/adding_hosts_to_existing_cluster.adoc @@ -59,7 +59,14 @@ The recommended maximum number of nodes is 300. To add nodes to your installation: -. Re-run the installer with the `install` subcommand in interactive or +. Ensure you have the latest installer and playbooks by updating the +*openshift-ansible* packages: ++ +---- +# yum update openshift-ansible +---- + +. Run the installer with the `scaleup` subcommand in interactive or unattended mode: + ---- @@ -117,11 +124,11 @@ The recommended maximum number of nodes is 300. To add a host to an existing cluster: -. Ensure you have the latest playbooks by updating the *atomic-openshift-utils* -package: +. Ensure you have the latest playbooks by updating the *openshift-ansible* +packages: + ---- -# yum update atomic-openshift-utils +# yum update openshift-ansible ---- . Edit your *_/etc/ansible/hosts_* file and add *new_* to the @@ -219,4 +226,53 @@ node3.example.com openshift_node_labels="{'region': 'primary', 'zone': 'west'}" [new_nodes] ---- -==== + +[[adding-etcd-hosts-to-existing-cluster]] +== Adding etcd Hosts to existing Cluster +You can add new etcd hosts to your cluster by running the _etcd scaleup_ +playbook. This playbook queries the master, generates and distributes new +certificates for the new hosts, and then runs the configuration playbooks on the +new hosts only. Before running the etcd *_scaleup.yml_* playbook, complete all +prerequisite +xref:../install_config/install/host_preparation.adoc#install-config-install-host-preparation[host +preparation] steps. + +To add an etcd host to an existing cluster: + +. Ensure you have the latest playbooks by updating the *openshift-ansible* packages: ++ +[source, bash] +---- +$ yum update openshift-ansible +---- + +. Edit your *_/etc/ansible/hosts_* file, add *new_* to the +*[OSEv3:children]* group and add hosts under the *new_* group: ++ +For example, to add a new etcd, add *new_etcd*: ++ +---- +[OSEv3:children] +masters +nodes +etcd +new_etcd + +[etcd] +etcd1.example.com +etcd2.example.com + +[new_etcd] +etcd3.example.com +---- + +. Run the etcd *_scaleup.yml_* playbook. If your inventory file is located somewhere other than the default of *_/etc/ansible/hosts_*, specify the location with the `-i` option. ++ +[source, bash] +---- +$ ansible-playbook [-i /path/to/file] \ + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-etcd/scaleup.yml +---- + +. After the playbook completes successfully, +xref:../install_config/install/advanced_install.adoc#advanced-verifying-the-installation[verify the installation]. diff --git a/install_config/aggregate_logging.adoc b/install_config/aggregate_logging.adoc index f709773ea8b9..fa0e920f95f2 100644 --- a/install_config/aggregate_logging.adoc +++ b/install_config/aggregate_logging.adoc @@ -3,10 +3,10 @@ {product-author} {product-version} ifdef::openshift-enterprise[] -:latest-tag: 3.5.0 +:latest-tag: v3.7.9 endif::[] ifdef::openshift-origin[] -:latest-tag: v1.5.0 +:latest-tag: v3.7.9 endif::[] :data-uri: :icons: diff --git a/install_config/downgrade.adoc b/install_config/downgrade.adoc index f023dd881a7d..dedbd6c5083c 100644 --- a/install_config/downgrade.adoc +++ b/install_config/downgrade.adoc @@ -14,12 +14,12 @@ toc::[] == Overview -Following an OpenShift Enterprise -xref:../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade], it may be desirable in -extreme cases to downgrade your cluster to a previous version. The following -sections outline the required steps for each system in a cluster to perform such -a downgrade, currently supported for the OpenShift Enterprise 3.1 to 3.0 -downgrade path. +Following an {product-title} +xref:../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade], +it may be desirable in extreme cases to downgrade your cluster to a previous +version. The following sections outline the required steps for each system in a +cluster to perform such a downgrade for the {product-title} 3.7 to 3.6 downgrade +path. [IMPORTANT] ==== @@ -32,9 +32,17 @@ Enterprise 3.2 to 3.1 downgrade path. == Verifying Backups The Ansible playbook used during the -xref:../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade process] should have created -a backup of the *_master-config.yaml_* file and the etcd data directory. Ensure -these exist on your masters and etcd members: +xref:../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade +process] should have created a backup of the *_master-config.yaml_* file and the +etcd data directory. Ensure these exist on your masters and etcd members: + +---- +/etc/origin/master/master-config.yaml. +/var/lib/etcd/openshift-backup- +---- + +Also, back up the *_node-config.yaml_* file on each node (including masters, +which have the node component on them) with a timestamp: ==== ---- @@ -100,21 +108,20 @@ If you are using external etcd, also remove the *etcd* package: ---- ==== -For embedded etcd, you can leave the *etcd* package installed, as the package is -only required so that the `etcdctl` command is available to issue operations in -later steps. +Both {product-title} 3.6 and 3.7 require Docker 1.12, so Docker does not need to +be downgraded. [[downgrade-reinstalling-rpms]] == Reinstalling RPMs -Disable the OpenShift Enteprise 3.1 repositories, and re-enable the 3.0 +Disable the {product-title} 3.7 repositories, and re-enable the 3.6 repositories: ==== ---- # subscription-manager repos \ - --disable=rhel-7-server-ose-3.1-rpms \ - --enable=rhel-7-server-ose-3.0-rpms + --disable=rhel-7-server-ose-3.7-rpms \ + --enable=rhel-7-server-ose-3.6-rpms ---- ==== @@ -382,9 +389,11 @@ itself and ensure these settings match. + ==== ---- -# rm -rf /var/lib/etcd/member -# systemctl enable etcd -# systemctl start etcd +ifdef::openshift-enterprise[] +# oc get -n default dc/docker-registry -o json | grep \"image\" + "image": "openshift3/ose-docker-registry:v3.6.173.0.49", +# oc get -n default dc/router -o json | grep \"image\" + "image": "openshift3/ose-haproxy-router:v3.6.173.0.49", ---- ==== diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 4eca18a6b658..5270480b5dd1 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -8,6 +8,12 @@ :toc: macro :toc-title: :prewrap!: +ifdef::openshift-enterprise[] +:pb-prefix: /usr/share/ansible/openshift-ansible/ +endif::[] +ifdef::openshift-origin[] +:pb-prefix: ~/openshift-ansible/ +endif::[] toc::[] @@ -57,7 +63,7 @@ and xref:../../install_config/install/host_preparation.adoc#install-config-install-host-preparation[Host Preparation] topics to prepare your hosts. This includes verifying system and environment requirements per component type and properly installing and -configuring Docker. It also includes installing Ansible version 2.2.0 or later, +configuring Docker. It also includes installing Ansible version 2.3 or later, as the advanced installation method is based on Ansible playbooks and as such requires directly invoking Ansible. @@ -172,12 +178,14 @@ Containerized installations are supported starting in {product-title} 3.1.1. endif::[] |`openshift_master_admission_plugin_config` -a|This variable sets the parameter and arbitrary JSON values as per the requirement in your inventory hosts file. For example: +a|This variable sets the parameter and arbitrary JSON values as per the requirement in your inventory hosts file. +//// +For example: ---- openshift_master_admission_plugin_config={"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","memoryRequestToLimitPercent":"25","cpuRequestToLimitPercent":"25","limitCPUToMemoryPercent":"200"}}} ---- - +//// |`openshift_master_audit_config` |This variable enables API service auditing. See xref:../../install_config/master_node_configuration.adoc#master-node-config-audit-config[Audit @@ -340,16 +348,16 @@ are based on the deployment type configuration (usually defined in an Ansible inventory file). ifdef::openshift-enterprise[] -Ensure the `deployment_type` parameter in your inventory file's `[OSEv3:vars]` +Ensure the `openshift_deployment_type` parameter in your inventory file's `[OSEv3:vars]` section is set to `openshift-enterprise` to install the {product-title} variant: ---- [OSEv3:vars] -deployment_type=openshift-enterprise +openshift_deployment_type=openshift-enterprise ---- endif::[] ifdef::openshift-origin[] -Ensure the `deployment_type` parameter in your inventory file's `[OSEv3:vars]` +Ensure the `openshift_deployment_type` parameter in your inventory file's `[OSEv3:vars]` section is set to `origin` to install the {product-title} variant: ---- @@ -461,10 +469,10 @@ the following variables in the *_/etc/ansible/hosts_* file: |=== |Variable |Purpose -|openshift_master_api_port +|`openshift_master_api_port` |This variable sets the port number to access the {product-title} API. -|openshift_master_console_port +|`openshift_master_console_port` |This variable sets the console port number to access the {product-title} console with a web browser. |=== @@ -581,8 +589,8 @@ endif::[] ifdef::openshift-origin[] link:https://github.com/openshift/origin#support-for-kubernetes-alpha-features[Tech Preview] endif::[] -features in {product-title} 3.6. They must not be used in production and they -are not supported for upgrades to {product-title} 3.6. During this phase, they +features in {product-title} 3.7. They must not be used in production and they +are not supported for upgrades to {product-title} 3.7. During this phase, they are only meant for use with new cluster installations in non-production environments. ==== @@ -894,9 +902,9 @@ the GlusterFS node. + ---- [nodes] -192.168.10.14 -192.168.10.15 -192.168.10.16 +192.168.10.11 +192.168.10.12 +192.168.10.13 ---- . After completing the cluster installation per @@ -1352,7 +1360,7 @@ Certificate and key file paths can be configured using the `*openshift_master_named_certificates*` cluster variable: ---- -openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key"}] +openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "cafile": "/path/to/custom-ca1.crt"}] ---- File paths must be local to the system where Ansible will be run. Certificates @@ -1364,7 +1372,7 @@ Detected names can be overridden by providing the `*"names"*` key when setting `*openshift_master_named_certificates*`: ---- -openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"]}] +openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"], "cafile": "/path/to/custom-ca1.crt"}] ---- Certificates configured using `*openshift_master_named_certificates*` are cached @@ -1421,14 +1429,17 @@ xref:../../install_config/redeploying_certificates.adoc#install-config-redeployi [[advanced-install-cluster-metrics]] === Configuring Cluster Metrics -Cluster metrics are not set to automatically deploy by default. Set the -following to enable cluster metrics when using the advanced install: +Starting with {product-title} 3.7, cluster metrics are set to deploy +automatically by default during installation: ----- -[OSEv3:vars] +[NOTE] +==== +To disable automatic deployment, set the following cluster variable: -openshift_metrics_install_metrics=true ---- +openshift_metrics_install_metrics=false +---- +==== The {product-title} web console uses the data coming from the Hawkular Metrics service to display its graphs. The metrics public URL can be set during cluster @@ -1508,14 +1519,17 @@ openshift_metrics_cassandra_storage_type=dynamic [[advanced-install-cluster-logging]] === Configuring Cluster Logging -Cluster logging is not set to automatically deploy by default. Set the -following to enable cluster logging when using the advanced installation method: +Starting with {product-title} 3.7, cluster logging is set to deploy +automatically by default during installation. ----- -[OSEv3:vars] +[NOTE] +==== +To disable automatic deployment, set the following cluster variable: -openshift_logging_install_logging=true ---- +openshift_metrics_install_logging=false +---- +==== [[advanced-installation-logging-storage]] ==== Configuring Logging Storage @@ -1583,31 +1597,18 @@ openshift_logging_storage_kind=dynamic ---- [[enabling-service-catalog]] -=== Enabling the Service Catalog +=== Configuring the Service Catalog + +Starting with {product-title} 3.7, the +xref:../../architecture/service_catalog/index.adoc#architecture-additional-concepts-service-catalog[service +catalog] is enabled by default during installation. Enabling the service broker +allows service brokers to be registered with the catalog. The web console is +also configured to enable an updated landing page for browsing the catalog. [NOTE] ==== -Enabling the service catalog is a Technology Preview feature only. -ifdef::openshift-enterprise[] -Technology Preview features are not -supported with Red Hat production service level agreements (SLAs), might not be -functionally complete, and Red Hat does not recommend to use them for -production. These features provide early access to upcoming product features, -enabling customers to test functionality and provide feedback during the -development process. - -For more information on Red Hat Technology Preview features support scope, see -https://access.redhat.com/support/offerings/techpreview/. -endif::[] -==== - -Enabling the -xref:../../architecture/service_catalog/index.adoc#architecture-additional-concepts-service-catalog[service catalog] allows service brokers to be registered with the catalog. The web -console is also configured to enable an updated landing page for browsing the -catalog. - -To enable the service catalog, add the following in your inventory file's -`[OSEv3:vars]` section: +To disable automatic deployment, set the following cluster variables in your +inventory file: ---- openshift_enable_service_catalog=true @@ -1616,40 +1617,22 @@ openshift_service_catalog_image_prefix=openshift/origin- openshift_service_catalog_image_version=latest endif::[] ---- +==== When the service catalog is enabled, the web console shows the updated landing -page but still uses the normal image stream and template behavior. The Ansible -service broker is also enabled; see -xref:configuring-ansible-service-broker[Configuring the Ansible Service Broker] -for more details. The template service broker (TSB) is not deployed by default; -see xref:configuring-template-service-broker[Configuring the Template Service Broker] for more information. +page. The OpenShift Ansible broker and template service broker are both enabled +as well; see xref:configuring-openshift-ansible-broker[Configuring the OpenShift Ansible Broker] and xref:configuring-template-service-broker[Configuring the Template Service Broker] for more information. -[[configuring-ansible-service-broker]] -=== Configuring the Ansible Service Broker - -[NOTE] -==== -Enabling the Ansible service broker is a Technology Preview feature only. -ifdef::openshift-enterprise[] -Technology Preview features are not -supported with Red Hat production service level agreements (SLAs), might not be -functionally complete, and Red Hat does not recommend to use them for -production. These features provide early access to upcoming product features, -enabling customers to test functionality and provide feedback during the -development process. - -For more information on Red Hat Technology Preview features support scope, see -https://access.redhat.com/support/offerings/techpreview/. -endif::[] -==== +[[configuring-openshift-ansible-broker]] +=== Configuring the OpenShift Ansible Broker -If you have xref:enabling-service-catalog[enabled the service catalog], the -xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[Ansible service broker] (ASB) is also enabled. +Starting with {product-title} 3.7, the +xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift Ansible broker] (OAB) is enabled by default. -The ASB deploys its own etcd instance separate from the etcd used by the rest of -the {product-title} cluster. The ASB's etcd instance requires separate storage +The OAB deploys its own etcd instance separate from the etcd used by the rest of +the {product-title} cluster. The OAB's etcd instance requires separate storage using persistent volumes (PVs) to function. If no PV is available, etcd will -wait until the PV can be satisfied. The ASB application will enter a `CrashLoop` +wait until the PV can be satisfied. The OAB application will enter a `CrashLoop` state until its etcd instance is available. [NOTE] @@ -1660,10 +1643,10 @@ xref:../../install_config/persistent_storage/index.adoc#install-config-persisten ==== Some Ansible playbook bundles (APBs) may also require a PV for their own usage. -Two APBs are currently provided with {product-title} 3.6: MediaWiki and +Two APBs are currently provided with {product-title} 3.7: MediaWiki and PostgreSQL. Both of these require their own PV to deploy. -To configure the ASB: +To configure the OAB: . In your inventory file, add `nfs` to the `[OSEv3:children]` section to enable the `[nfs]` group: @@ -1683,9 +1666,7 @@ be the NFS host: master1.example.com ---- -. In addition to the settings from xref:enabling-service-catalog[Enabling the -Service Catalog], add the following in the `[OSEv3:vars]` -section: +. Add the following in the `[OSEv3:vars]` section: + ---- openshift_hosted_etcd_storage_kind=nfs @@ -1712,49 +1693,23 @@ ifdef::openshift-origin[] requires authentication for pulling APBs. endif::[] + -These settings create a persistent volume that is attached to the ASB's etcd +These settings create a persistent volume that is attached to the OAB's etcd instance during cluster installation. [[configuring-template-service-broker]] === Configuring the Template Service Broker -[NOTE] -==== -Enabling the template service broker is a Technology Preview feature only. -ifdef::openshift-enterprise[] -Technology Preview features are not -supported with Red Hat production service level agreements (SLAs), might not be -functionally complete, and Red Hat does not recommend to use them for -production. These features provide early access to upcoming product features, -enabling customers to test functionality and provide feedback during the -development process. - -For more information on Red Hat Technology Preview features support scope, see -https://access.redhat.com/support/offerings/techpreview/. -endif::[] -==== - -If you have xref:enabling-service-catalog[enabled the service catalog], you can -also enable the -xref:../../architecture/service_catalog/template_service_broker.adoc#arch-template-service-broke[template service broker] (TSB). +Starting with {product-title} 3.7, the xref:../../architecture/service_catalog/template_service_broker.adoc#arch-template-service-broke[template service broker] (TSB) is enabled by default. -To configure the TSB: +To configure the TSB, one or more projects must be defined as the broker's +source namespace(s) for loading templates and image streams into the service +catalog. Set the desired projects by modifying the following in your inventory +file's `[OSEv3:vars]` section: -. One or more projects must be defined as the broker's source -namespace(s) for loading templates and image streams into the service catalog. -Set the desired projects by modifying the following in your inventory file's -`[OSEv3:vars]` section: -+ ---- openshift_template_service_broker_namespaces=['openshift','myproject'] ---- -. The installer currently does not automate installation of the TSB, so additional -steps must be run manually after the cluster installation has completed. -Continue with the rest of the preparation of your inventory file, then see -xref:running-the-advanced-installation[Running the Advanced Installation] for -the additional steps to deploy the TSB. - [[configuring-web-console-customization]] === Configuring Web Console Customization @@ -1980,25 +1935,23 @@ Moving from a single master cluster to multiple masters after installation is not supported. ==== -When configuring multiple masters, the advanced installation supports the following high -availability (HA) method: +When configuring multiple masters, the advanced installation supports the +`native` high availability (HA) method. This method leverages the native HA +master capabilities built into {product-title} and can be combined with any load +balancing solution. -[cols="1,5"] -|=== -|`native` -|Leverages the native HA master capabilities built into {product-title} and can be -combined with any load balancing solution. If a host is defined in the *[lb]* -section of the inventory file, Ansible installs and configures HAProxy -automatically as the load balancing solution. If no host is defined, it is -assumed you have pre-configured an external load balancing solution of your choice to -balance the master API (port 8443) on all master hosts. -|=== +If a host is defined in the *[lb]* section of the inventory file, Ansible +installs and configures HAProxy automatically as the load balancing solution. If +no host is defined, it is assumed you have pre-configured an external load +balancing solution of your choice to balance the master API (port 8443) on all +master hosts. [NOTE] ==== This HAProxy load balancer is intended to demonstrate the API server's HA mode -and is not recommended for production environments. If you are deploying to a cloud provider, Red Hat recommends deploying - a cloud-native TCP-based load balancer or take other steps to provide a highly available load balancer. +and is not recommended for production environments. If you are deploying to a +cloud provider, Red Hat recommends deploying a cloud-native TCP-based load +balancer or take other steps to provide a highly available load balancer. ==== For an external load balancing solution, you must have: @@ -2011,36 +1964,17 @@ values (8443 by default) and proxying back to all master hosts on that port. `openshift_master_cluster_public_hostname` and `openshift_master_cluster_hostname` in the {product-title} installer. -[NOTE] -==== -This HAProxy load balancer is intended to demonstrate the API server's HA mode -and is not recommended for production environments. If you are deploying to a cloud provider we recommend -that you deploy a cloud-native TCP-based load balancer or take other steps to provide a highly available load balancer. -==== - See -link:https://github.com/redhat-cop/openshift-playbooks/blob/master/playbooks/installation/load_balancing.adoc[External -Load Balancer Integrations] for more information. +link:https://github.com/redhat-cop/openshift-playbooks/blob/master/playbooks/installation/load_balancing.adoc[External Load Balancer Integrations] for more information. For more on the high +availability master architecture, see +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[Kubernetes Infrastructure]. [NOTE] ==== -For more on the high availability master architecture, see -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[Kubernetes -Infrastructure]. -==== - -Note the following when using the `native` HA method: - -- The advanced installation method does not currently support multiple HAProxy +The advanced installation method does not currently support multiple HAProxy load balancers in an active-passive setup. See the -https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Load_Balancer_Administration/ch-lvs-overview-VSA.html[Load -Balancer Administration documentation] for post-installation amendments. -- In a HAProxy setup, controller manager servers run as standalone processes. -They elect their active leader with a lease stored in *etcd*. The lease -expires after 30 seconds by default. If a failure happens on an active -controller server, it will take up to this number of seconds to elect another -leader. The interval can be configured with the `*osm_controller_lease_ttl*` -variable. +https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Load_Balancer_Administration/ch-lvs-overview-VSA.html[Load Balancer Administration documentation] for post-installation amendments. +==== To configure multiple masters, refer to the following section. @@ -2133,9 +2067,6 @@ openshift_master_cluster_public_hostname=openshift-cluster.example.com # apply updated node defaults openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']} -# override the default controller lease ttl -#osm_controller_lease_ttl=30 - # enable ntp on masters to ensure proper failover openshift_clock_enabled=true @@ -2232,9 +2163,6 @@ openshift_master_cluster_method=native openshift_master_cluster_hostname=openshift-cluster.example.com openshift_master_cluster_public_hostname=openshift-cluster.example.com -# override the default controller lease ttl -#osm_controller_lease_ttl=30 - # host group for masters [masters] master1.example.com @@ -2275,6 +2203,17 @@ playbook via Ansible. {product-title} installations are currently supported using the RPM-based installer, while the containerized installer is currently a Technology Preview feature. +The installer uses modularized playbooks allowing administrators to install +specific components as needed. By breaking up the roles and playbooks, there is +better targeting of ad hoc administration tasks. This results in an increased +level of control during installations and results in time savings. + +[NOTE] +==== +The playbooks and their ordering are detailed below in +xref:running-the-advanced-installation-individual-components[Running Individual Component Playbooks]. +==== + [[running-the-advanced-installation-rpm]] === Running the RPM-based Installer @@ -2320,10 +2259,10 @@ containerized environment instead of directly on the host. + ---- ifdef::openshift-enterprise[] -$ docker pull registry.access.redhat.com/openshift3/ose-ansible:v3.6 +$ docker pull registry.access.redhat.com/openshift3/ose-ansible:v3.7 endif::[] ifdef::openshift-origin[] -$ docker pull docker.io/openshift/origin-ansible:v3.6 +$ docker pull docker.io/openshift/origin-ansible:v3.7 endif::[] ---- @@ -2335,10 +2274,10 @@ the installer image from the local *docker* engine to OSTree storage: ---- $ atomic pull --storage ostree \ ifdef::openshift-enterprise[] - docker:registry.access.redhat.com/openshift3/ose-ansible:v3.6 + docker:registry.access.redhat.com/openshift3/ose-ansible:v3.7 endif::[] ifdef::openshift-origin[] - docker:docker.io/openshift/origin-ansible:v3.6 + docker:docker.io/openshift/origin-ansible:v3.7 endif::[] ---- @@ -2350,10 +2289,10 @@ $ atomic install --system \ --name=openshift-installer \//<1> --set INVENTORY_FILE=/path/to/inventory \//<2> ifdef::openshift-enterprise[] - docker:registry.access.redhat.com/openshift3/ose-ansible:v3.6 + docker:registry.access.redhat.com/openshift3/ose-ansible:v3.7 endif::[] ifdef::openshift-origin[] - docker:docker.io/openshift/origin-ansible:v3.6 + docker:docker.io/openshift/origin-ansible:v3.7 endif::[] ---- <1> Sets the name for the systemd service. @@ -2395,12 +2334,12 @@ $ atomic install --system \ --storage=ostree \ --name=openshift-installer \ --set INVENTORY_FILE=/etc/ansible/hosts \ - --set PLAYBOOK_FILE=playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml \//<1> + --set PLAYBOOK_FILE=playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml \//<1> ifdef::openshift-enterprise[] - docker:registry.access.redhat.com/openshift3/ose-ansible:v3.6 + docker:registry.access.redhat.com/openshift3/ose-ansible:v3.7 endif::[] ifdef::openshift-origin[] - docker:docker.io/openshift/origin-ansible:v3.6 + docker:docker.io/openshift/origin-ansible:v3.7 endif::[] ---- <1> Set `PLAYBOOK_FILE` to the relative path of the playbook starting at the @@ -2408,100 +2347,73 @@ endif::[] documentation assume use of the RPM-based installer, so use this relative path instead when using the containerized installer. -[[running-the-advanced-installation-tsb]] -=== Deploying the Template Service Broker +[[running-the-advanced-installation-individual-components]] +=== Running Individual Component Playbooks -If you have xref:enabling-service-catalog[enabled the service catalog] and want -to deploy the xref:configuring-template-service-broker[template service broker] -(TSB), run the following manual steps after the cluster installation completes -successfully: +The main installation playbook *_{pb-prefix}playbooks/byo/config.yml_* runs a +set of individual component playbooks in a specific order, and the installer +reports back at the end what phases you have gone through. If the installation +fails during a phase, you are notified on the screen along with the errors from +the Ansible run. -[NOTE] -==== -The template service broker is a Technology Preview feature only. -ifdef::openshift-enterprise[] -Technology Preview features are not -supported with Red Hat production service level agreements (SLAs), might not be -functionally complete, and Red Hat does not recommend to use them for -production. These features provide early access to upcoming product features, -enabling customers to test functionality and provide feedback during the -development process. - -For more information on Red Hat Technology Preview features support scope, see -https://access.redhat.com/support/offerings/techpreview/. -endif::[] -==== +After you resolve the issue, rather than run the entire installation over again, +you can pick up from the failed phase. You must then run each of the remaining +playbooks in order: -[WARNING] -==== -Enabling the TSB currently requires opening unauthenticated access to the -cluster; this security issue will be resolved before exiting the Technology -Preview phase. -==== - -. Ensure that one or more source projects for the TSB were defined via -`openshift_template_service_broker_namespaces` as described in -xref:../../install_config/install/advanced_install.adoc#configuring-template-service-broker[Configuring the Template Service Broker]. - -. Run the following command to enable unauthenticated access for the TSB: -+ ---- -$ oc adm policy add-cluster-role-to-group \ - system:openshift:templateservicebroker-client \ - system:unauthenticated system:authenticated +# ansible-playbook [-i /path/to/inventory] ---- -. Create a *_template-broker.yml_* file with the following contents: -+ -[source,yaml] ----- -apiVersion: servicecatalog.k8s.io/v1alpha1 -kind: Broker -metadata: - name: template-broker -spec: - url: https://kubernetes.default.svc:443/brokers/template.openshift.io ----- +The following table is sorted in order of when each individual component +playbook is run: -. Use the file to register the broker: -+ ----- -$ oc create -f template-broker.yml ----- +.Individual Component Playbook Run Order +[options="header",cols="1,3"] +|=== +|Playbook Name |File Location -. Enable the Technology Preview feature in the web console to use the TSB instead -of the standard `openshift` global library behavior. +|Health Check +|*_{pb-prefix}playbooks/byo/openshift-checks/pre-install.yml_* -.. Save the following script to a file (for example, *_tech-preview.js_*): -+ -[source, javascript] ----- -window.OPENSHIFT_CONSTANTS.ENABLE_TECH_PREVIEW_FEATURE.template_service_broker = true; ----- +|etcd Install +|*_{pb-prefix}playbooks/byo/openshift-etcd/config.yml_* -.. Add the file to the master configuration file in -*_/etc/origin/master/master-config.yml_*: -+ -[source, yaml] ----- -assetConfig: - ... - extensionScripts: - - /path/to/tech-preview.js ----- +|NFS Install +|*_{pb-prefix}playbooks/byo/openshift-nfs/config.yml_* -.. Restart the master service: -+ -ifdef::openshift-origin[] ----- -# systemctl restart origin-master ----- -endif::[] -ifdef::openshift-enterprise[] ----- -# systemctl restart atomic-openshift-master ----- -endif::[] +|Load Balancer Install +|*_{pb-prefix}playbooks/byo/openshift-loadbalancer/config.yml_* + +|Master Install +|*_{pb-prefix}playbooks/byo/openshift-master/config.yml_* + +|Master Additional Install +|*_{pb-prefix}playbooks/byo/openshift-master/additional_config.yml_* + +|Node Install +|*_{pb-prefix}playbooks/byo/openshift-node/config.yml_* + +|GlusterFS Install +|*_{pb-prefix}playbooks/byo/openshift-glusterfs/config.yml_* + +|Hosted Install +|*_{pb-prefix}playbooks/byo/openshift-cluster/openshift-hosted.yml_* + +|Metrics Install +|*_{pb-prefix}playbooks/byo/openshift-cluster/openshift-metrics.yml_* + +|Logging Install +|*_{pb-prefix}playbooks/byo/openshift-cluster/openshift-logging.yml_* + +|Prometheus Install +|*_{pb-prefix}playbooks/byo/openshift-cluster/openshift-prometheus.yml_* + +|Service Catalog Install +|*_{pb-prefix}playbooks/byo/openshift-cluster/service-catalog.yml_* + +|Management Install +|*_{pb-prefix}playbooks/byo/openshift-management/config.yml_* +|=== [[advanced-verifying-the-installation]] == Verifying the Installation diff --git a/install_config/install/disconnected_install.adoc b/install_config/install/disconnected_install.adoc index b58705eb70dc..59446e6907e9 100644 --- a/install_config/install/disconnected_install.adoc +++ b/install_config/install/disconnected_install.adoc @@ -2,9 +2,9 @@ = Disconnected Installation {product-author} {product-version} -:latest-tag: v3.5.5.2 -:latest-int-tag: 3.5.0 -:latest-registry-console-tag: 3.5 +:latest-tag: v3.7.9 +:latest-int-tag: v3.7.9 +:latest-registry-console-tag: v3.7.9 :data-uri: :icons: :experimental: @@ -120,7 +120,8 @@ attach it: # subscription-manager repos \ --enable="rhel-7-server-rpms" \ --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-ose-3.5-rpms" + --enable="rhel-7-fast-datapath-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" ---- . The `yum-utils` command provides the *reposync* utility, which lets you mirror @@ -152,7 +153,7 @@ modify the command for the appropriate path you created above: rhel-7-server-rpms \ rhel-7-server-extras-rpms \ rhel-7-fast-datapath-rpms \ -rhel-7-server-ose-3.5-rpms +rhel-7-server-ose-3.7-rpms do reposync --gpgcheck -lm --repoid=${repo} --download_path=/path/to/repos createrepo -v ${repo} @@ -182,7 +183,32 @@ To sync the container images: ---- . Pull all of the required {product-title} containerized components for the -additional centralized log aggregation and metrics aggregation components: +additional centralized log aggregation and metrics aggregation components. +ifdef::openshift-enterprise[] +Replace `` with `{latest-int-tag}` for the latest version. +endif::[] ++ +---- +# docker pull registry.access.redhat.com/openshift3/logging-auth-proxy: +# docker pull registry.access.redhat.com/openshift3/logging-curator: +# docker pull registry.access.redhat.com/openshift3/logging-deployer: +# docker pull registry.access.redhat.com/openshift3/logging-elasticsearch: +# docker pull registry.access.redhat.com/openshift3/logging-fluentd: +# docker pull registry.access.redhat.com/openshift3/logging-kibana: +# docker pull registry.access.redhat.com/openshift3/metrics-cassandra: +# docker pull registry.access.redhat.com/openshift3/metrics-deployer: +# docker pull registry.access.redhat.com/openshift3/metrics-hawkular-metrics: +# docker pull registry.access.redhat.com/openshift3/metrics-hawkular-openshift-agent: +# docker pull registry.access.redhat.com/openshift3/metrics-heapster: +---- + +. For the service catalog, OpenShift Asnible broker, and template service broker +features (as described in +xref:../../install_config/install/advanced_install.html#enabling-service-catalog[Advanced +Installation]), pull the following images. +ifdef::openshift-enterprise[] +Replace `` with `{latest-tag}` for the latest version. +endif::[] + ---- # docker pull registry.access.redhat.com/openshift3/logging-deployment @@ -372,9 +398,9 @@ name=rhel-7-fast-datapath-rpms baseurl=http:///repos/rhel-7-fast-datapath-rpms enabled=1 gpgcheck=0 -[rhel-7-server-ose-3.5-rpms] -name=rhel-7-server-ose-3.5-rpms -baseurl=http:///repos/rhel-7-server-ose-3.5-rpms +[rhel-7-server-ose-3.7-rpms] +name=rhel-7-server-ose-3.7-rpms +baseurl=http:///repos/rhel-7-server-ose-3.7-rpms enabled=1 gpgcheck=0 ---- diff --git a/install_config/install/host_preparation.adoc b/install_config/install/host_preparation.adoc index ba72bb54f02e..b99640e7353b 100644 --- a/install_config/install/host_preparation.adoc +++ b/install_config/install/host_preparation.adoc @@ -29,11 +29,10 @@ ifdef::openshift-enterprise[] [[software-prerequisites]] == Operating System Requirements -A base installation of RHEL 7.3 (with the latest packages from the Extras -channel) or RHEL Atomic Host 7.3.2 or later is required for master and node -hosts. RHEL 7.2 is also supported using Docker 1.12 and its dependencies. See -the following documentation for the respective installation instructions, if -required: +A base installation of RHEL 7.3 or 7.4 (with the latest packages from the Extras +channel) or RHEL Atomic Host 7.4.2 or later is required for master and node +hosts. See the following documentation for the respective installation +instructions, if required: - https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/index.html[Red Hat Enterprise Linux 7 Installation Guide] @@ -90,17 +89,18 @@ Alternatively, disable all repositories: + Note that this could take a few minutes if you have a large number of available repositories -. Enable only the repositories required by {product-title} 3.5: +. Enable only the repositories required by {product-title} 3.7: + ---- # subscription-manager repos \ --enable="rhel-7-server-rpms" \ --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-ose-3.5-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" \ --enable="rhel-7-fast-datapath-rpms" ---- endif::[] +[[installing-base-packages]] == Installing Base Packages For RHEL 7 systems: @@ -313,25 +313,22 @@ both require leaving free space available when provisioning your host. . Create the *docker-pool* volume using one of the following three options: -** [[docker-storage-a]]*Option A) Use an additional block device.* +** [[docker-storage-a]]*Option A)* Use an additional block device. + In *_/etc/sysconfig/docker-storage-setup_*, set *DEVS* to the path of the block device you wish to use. Set *VG* to the volume group name you wish to create; *docker-vg* is a reasonable choice. For example: + -==== ---- # cat < /etc/sysconfig/docker-storage-setup DEVS=/dev/vdc VG=docker-vg EOF ---- -==== + Then run *docker-storage-setup* and review the output to ensure the *docker-pool* volume was created: + -==== ---- # docker-storage-setup [5/1868] 0 @@ -373,25 +370,21 @@ to zero the first 512 bytes: dd if=/dev/zero of=/dev/foo7 bs=512 count=1 Converted docker-vg/docker-pool to thin pool. Logical volume "docker-pool" changed. ---- -==== -** [[docker-storage-b]]*Option B) Use an existing, specified volume group.* +** [[docker-storage-b]]*Option B)* Use an existing, specified volume group. + In *_/etc/sysconfig/docker-storage-setup_*, set *VG* to the desired volume group. For example: + -==== ---- # cat < /etc/sysconfig/docker-storage-setup VG=docker-vg EOF ---- -==== + Then run *docker-storage-setup* and review the output to ensure the *docker-pool* volume was created: + -==== ---- # docker-storage-setup Rounding up size to full physical extent 16.00 MiB @@ -402,16 +395,14 @@ Then run *docker-storage-setup* and review the output to ensure the Converted docker-vg/docker-pool to thin pool. Logical volume "docker-pool" changed. ---- -==== -** [[docker-storage-c]]*Option C) Use the remaining free space from the volume - group where your root file system is located.* +** [[docker-storage-c]]*Option C)* Use the remaining free space from the volume + group where your root file system is located. + Verify that the volume group where your root file system resides has the desired free space, then run *docker-storage-setup* and review the output to ensure the *docker-pool* volume was created: + -==== ---- # docker-storage-setup Rounding up size to full physical extent 32.00 MiB @@ -422,12 +413,10 @@ free space, then run *docker-storage-setup* and review the output to ensure the Converted rhel/docker-pool to thin pool. Logical volume "docker-pool" changed. ---- -==== . Verify your configuration. You should have a *dm.thinpooldev* value in the *_/etc/sysconfig/docker-storage_* file and a *docker-pool* logical volume: + -==== ---- # cat /etc/sysconfig/docker-storage DOCKER_STORAGE_OPTIONS=--storage-opt dm.fs=xfs --storage-opt @@ -437,7 +426,6 @@ dm.thinpooldev=/dev/mapper/docker--vg-docker--pool LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert docker-pool rhel twi-a-t--- 9.29g 0.00 0.12 ---- -==== + [IMPORTANT] ==== diff --git a/install_config/install/prerequisites.adoc b/install_config/install/prerequisites.adoc index a0bfba66b97d..593426725a55 100644 --- a/install_config/install/prerequisites.adoc +++ b/install_config/install/prerequisites.adoc @@ -8,6 +8,12 @@ :toc: macro :toc-title: :prewrap!: +ifdef::openshift-enterprise[] +:pb-prefix: /usr/share/ansible/openshift-ansible/ +endif::[] +ifdef::openshift-origin[] +:pb-prefix: ~/openshift-ansible/ +endif::[] toc::[] @@ -34,7 +40,7 @@ information. [IMPORTANT] ==== -{product-title} 3.5 requires Docker 1.12. +{product-title} 3.7 requires Docker 1.12. ==== endif::[] @@ -51,13 +57,11 @@ a|- Physical or virtual system, or an instance running on a public or private Ia ifdef::openshift-origin[] - Base OS: Fedora 21, CentOS 7.3, or RHEL 7.3 with the "Minimal" installation option and the latest packages from the Extras channel, or RHEL Atomic Host -7.3.2 or later. RHEL 7.2 is also supported using Docker 1.12 and its -dependencies. +7.4.2 or later. endif::[] ifdef::openshift-enterprise[] -- Base OS: RHEL 7.3 with the "Minimal" installation option and the latest packages -from the Extras channel, or RHEL Atomic Host 7.3.2 or later. RHEL 7.2 is also -supported using Docker 1.12 and its dependencies. +- Base OS: RHEL 7.3 or 7.4 with the "Minimal" installation option and the latest +packages from the Extras channel, or RHEL Atomic Host 7.4.2 or later. endif::[] - 2 vCPU. - Minimum 8 GB RAM. @@ -66,20 +70,31 @@ endif::[] |xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[Nodes] a| - Physical or virtual system, or an instance running on a public or private IaaS. ifdef::openshift-origin[] -* Base OS: Fedora 21, CentOS 7.3, or RHEL 7.3 or later with "Minimal" -installation option, or RHEL Atomic Host 7.3.2 or later. RHEL 7.2 is also supported using Docker 1.12 and its dependencies. +* Base OS: Fedora 21, CentOS 7.3 or 7.4, RHEL 7.3 or 7.4 with "Minimal" +installation option, or RHEL Atomic Host 7.4.2 or later. endif::[] ifdef::openshift-enterprise[] -- Base OS: RHEL 7.1 or later with "Minimal" installation option, or RHEL Atomic -Host 7.2.4 or later. +* Base OS: RHEL 7.3 or 7.4 with "Minimal" installation option, or RHEL Atomic +Host 7.4.2 or later. endif::[] -- NetworkManager 1.0 or later -- 1 vCPU. -- Minimum 8 GB RAM. -- Minimum 15 GB hard disk space for the file system containing *_/var/_*. -- An additional minimum 15 GB unallocated space to be used for Docker's storage -back end; see xref:configuring-docker-storage[Configuring Docker Storage] -below. +* NetworkManager 1.0 or later. +* 1 vCPU. +* Minimum 8 GB RAM. +* Minimum 15 GB hard disk space for the file system containing *_/var/_*. image:redcircle-1.png[] +* Minimum 1 GB hard disk space for the file system containing *_/usr/local/bin/_*. +* Minimum 1 GB hard disk space for the file system containing the system's temporary directory. image:redcircle-2.png[] +* An additional minimum 15 GB unallocated space to be used for Docker's storage +back end; see xref:../../install_config/install/host_preparation.adoc#configuring-docker-storage[Configuring +Docker Storage]. + +|External etcd Nodes +a|* Minimum 20 GB hard disk space for etcd data. +* Consult +link:https://github.com/coreos/etcd/blob/master/Documentation/op-guide/hardware.md#hardware-recommendations[Hardware Recommendations] to properly size your etcd nodes. +* Currently, {product-title} stores image, build, and deployment metadata in +etcd. You must periodically xref:../../admin_guide/pruning_resources.adoc#admin-guide-pruning-resources[prune old resources]. +If you are planning to leverage a large number of these resources, place etcd on +machines with large amounts of memory and fast SSD drives. |=== [NOTE] @@ -622,6 +637,7 @@ a|- tcp/443 from 0.0.0.0/0 If configuring ELBs for load balancing the masters and/or routers, you also need to configure Ingress and Egress security groups for the ELBs appropriately. +[[overriding-detected-ip-addresses-host-names]] ==== Overriding Detected IP Addresses and Host Names Some deployments require that the user override the detected host names and IP @@ -630,7 +646,13 @@ playbook: ==== ---- -# ansible-playbook playbooks/byo/openshift_facts.yml +# ansible-playbook [-i /path/to/inventory] \ +ifdef::openshift-enterprise[] + /usr/share/ansible/openshift-ansible/roles/openshift_facts/library/openshift_facts.py +endif::[] +ifdef::openshift-origin[] + ~/openshift-ansible/roles/openshift_facts/library/openshift_facts.py +endif::[] ---- ==== @@ -718,3 +740,64 @@ Following the installation process, you can configure OpenShift for xref:../../install_config/configuring_aws.adoc#install-config-configuring-aws[AWS], xref:../../install_config/configuring_openstack.adoc#install-config-configuring-openstack[OpenStack], or xref:../../install_config/configuring_gce.adoc#install-config-configuring-gce[GCE]. + +[[prereq-containerized-glusterfs-considerations]] +=== Containerized GlusterFS Considerations + +If you choose to configure +xref:../../install_config/install/advanced_install.adoc#advanced-install-containerized-glusterfs-persistent-storage[containerized GlusterFS persistent storage] for your cluster, or if you choose to configure a +xref:../../install_config/install/advanced_install.adoc#advanced-install-containerized-glusterfs-backed-registry[containerized GlusterFS-backed OpenShift Container Registry], you must consider the following +prerequisites. + +[[prereq-glusterfs-storage-nodes]] +==== Storage Nodes + +To use containerized GlusterFS persistent storage: + +- A minimum of 3 storage nodes is required. +- Each storage node must have at least 1 raw block device with least 100 GB +available. + +To run a containerized GlusterFS-backed OpenShift Container Registry: + +- A minimum of 3 storage nodes is required. +- Each storage node must have at least 1 raw block device with at least 10 GB of +free storage. + +[IMPORTANT] +==== +While containerized GlusterFS persistent storage can be configured and deployed +on the same {product-title} cluster as a containerized GlusterFS-backed +registry, their storage should be kept separate from each other and also +requires additional storage nodes. For example, if both are configured, a total +of 6 storage nodes would be needed: 3 for the registry and 3 for persistent +storage. This limitation is imposed to avoid potential impacts on performance in +I/O and volume creation. +==== + +[[prereq-glusterfs-software-components]] +==== Required Software Components + +ifdef::openshift-enterprise[] +For any RHEL (non-Atomic) storage nodes, the following RPM respository must be +enabled: + +---- +# subscription-manager repos --enable=rh-gluster-3-client-for-rhel-7-server-rpms +---- + +endif::[] + +The `mount.glusterfs` command must be available on all nodes that will host +pods that will use GlusterFS volumes. For RPM-based systems, the +*glusterfs-fuse* package must be installed: + +---- +# yum install glusterfs-fuse +---- + +If GlusterFS is already installed on the nodes, ensure the latest version is installed: + +---- +# yum update glusterfs-fuse +---- diff --git a/install_config/install/quick_install.adoc b/install_config/install/quick_install.adoc index a9d69d9f1067..9bd19f783b4b 100644 --- a/install_config/install/quick_install.adoc +++ b/install_config/install/quick_install.adoc @@ -141,12 +141,11 @@ configuration file manually from scratch to perform an xref:running-an-unattended-installation[unattended installation]. .Installation Configuration File Specification -==== [source,yaml] ---- version: v1 <1> variant: openshift-enterprise <2> -variant_version: 3.5 <3> +variant_version: 3.7 <3> ansible_log_path: /tmp/ansible.log <4> deployment: ansible_ssh_user: root <5> @@ -186,8 +185,9 @@ deployment: Enterprise (OSE) 3.1, the only valid version here is `v1`. <2> The OpenShift variant to install. For OSE, set this to `openshift-enterprise`. -<3> A valid version of your selected variant: `3.5`, `3.4`, `3.3`, `3.2`, or `3.1`. If not -specified, this defaults to the latest version for the specified variant. +<3> A valid version of your selected variant: `3.7`, `3.6`, `3.5`, `3.4`, `3.3`, +`3.2`, or `3.1`. If not specified, this defaults to the latest version for the +specified variant. <4> Defines where the Ansible logs are stored. By default, this is the *_/tmp/ansible.log_* file. <5> Defines which user Ansible uses to SSH in to remote systems for gathering @@ -216,7 +216,10 @@ Containerized] for more details. upgrading, or uninstalling the systems. If the configuration file was auto-generated, then this is the value you first enter for the host during that interactive install process. -==== +<12> Node labels can optionally be set per-host. +<13> Defines a dictionary of roles across the deployment. +<14> Any ansible variables that should only be applied to hosts assigned a role can be defined. +For examples, see xref:../../install_config/install/advanced_install.adoc#configuring-ansible[Configuring Ansible]. [[running-an-unattended-installation]] diff --git a/install_config/install/rpm_vs_containerized.adoc b/install_config/install/rpm_vs_containerized.adoc index 80c521515067..5ad659bc9eda 100644 --- a/install_config/install/rpm_vs_containerized.adoc +++ b/install_config/install/rpm_vs_containerized.adoc @@ -69,24 +69,21 @@ installation, you can specify the registry information ahead of time. For the advanced installation method, you can set the following Ansible variables in your inventory file, as required: -==== ---- -cli_docker_additional_registries= -cli_docker_insecure_registries= -cli_docker_blocked_registries= +openshift_docker_additional_registries= +openshift_docker_insecure_registries= +openshift_docker_blocked_registries= ---- -==== ifdef::openshift-enterprise[] For the quick installation method, you can export the following environment variables on each target host: -==== ---- # export OO_INSTALL_ADDITIONAL_REGISTRIES= # export OO_INSTALL_INSECURE_REGISTRIES= ---- -==== + Blocked Docker registries cannot currently be specified using the quick installation method. @@ -128,11 +125,9 @@ The wrapper scripts mount a limited subset of paths: Be mindful of this when passing in files to be processed by the `oc` or `oadm` commands. You may find it easier to redirect the input, for example: -==== ---- # oc create -f - < my-file.json ---- -==== [NOTE] ==== diff --git a/install_config/install/stand_alone_registry.adoc b/install_config/install/stand_alone_registry.adoc index ad5506169e6e..80bdae8ffcce 100644 --- a/install_config/install/stand_alone_registry.adoc +++ b/install_config/install/stand_alone_registry.adoc @@ -44,6 +44,8 @@ ifdef::openshift-enterprise[] - Base OS: RHEL 7.2 or later with "Minimal" installation option, or RHEL Atomic Host 7.3.2 or later. endif::[] +RHEL 7.3 or 7.4 with the "Minimal" installation option and the latest packages from the +RHEL 7 Extras channel, or RHEL Atomic Host 7.4.2 or later. - NetworkManager 1.0 or later - 2 vCPU. - Minimum 16 GB RAM. diff --git a/install_config/upgrading/automated_upgrades.adoc b/install_config/upgrading/automated_upgrades.adoc index 90643a82eff2..2184e757e607 100644 --- a/install_config/upgrading/automated_upgrades.adoc +++ b/install_config/upgrading/automated_upgrades.adoc @@ -2,7 +2,8 @@ = Performing Automated Cluster Upgrades {product-author} {product-version} -:latest-tag: v3.5.5.2 +:latest-tag: v3.7.9 +:latest-int-tag: v3.7.9 :data-uri: :icons: :experimental: @@ -14,21 +15,6 @@ toc::[] == Overview -[IMPORTANT] -==== -An etcd performance issue has been discovered on new and upgraded {product-title} -ifdef::openshift-enterprise[] -3.5 -endif::[] -ifdef::openshift-origin[] -1.4+ -endif::[] -clusters. See the following Knowledgebase Solution for further details: - -https://access.redhat.com/solutions/2916381[] + -(link:https://bugzilla.redhat.com/show_bug.cgi?id=1415839[*BZ#1415839*]) -==== - If you installed using the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] and the inventory file that was used is available, you can use the upgrade @@ -124,11 +110,11 @@ ifdef::openshift-enterprise[] [NOTE] ==== -Before upgrading your cluster to {product-title} 3.5, the cluster must be +Before upgrading your cluster to {product-title} 3.7, the cluster must be already upgraded to the -link:https://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html#ocp-34-asynchronous-errata-updates[latest asynchronous release of version 3.4]. Cluster upgrades cannot span more than one -minor version at a time, so if your cluster is at a version earlier than 3.4, -you must first upgrade incrementally (e.g., 3.2 to 3.3, then 3.3 to 3.4). +link:https://docs.openshift.com/container-platform/3.6/release_notes/ocp_3_6_release_notes.html#ocp-36-asynchronous-errata-updates[latest asynchronous release of version 3.6]. Cluster upgrades cannot span more than one +minor version at a time, so if your cluster is at a version earlier than 3.6, +you must first upgrade incrementally (e.g., 3.4 to 3.5, then 3.5 to 3.6). ==== [IMPORTANT] @@ -141,74 +127,79 @@ Issues]. If you are upgrading from OpenShift Enterprise 3.1 to 3.2, on each master and node host you must manually disable the 3.1 channel and enable the 3.2 channel: -. If you are upgrading from {product-title} 3.4 to 3.5, manually disable the 3.4 -channel and enable the 3.5 channel on each master and node host: +. If you are upgrading from {product-title} 3.6 to 3.7, manually disable the 3.6 +channel and enable the 3.7 channel on each master and node host: + ---- -# subscription-manager repos --disable="rhel-7-server-ose-3.4-rpms" \ - --enable="rhel-7-server-ose-3.5-rpms" \ +# subscription-manager repos --disable="rhel-7-server-ose-3.6-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" \ --enable="rhel-7-server-extras-rpms" \ --enable="rhel-7-fast-datapath-rpms" # yum clean all ---- ==== -For any upgrade path, always ensure that you have the latest version of the -*atomic-openshift-utils* package, which should also update the -*openshift-ansible-** packages: +. For any upgrade path, always ensure that you have the latest version of the +*openshift-ansible-** packages on each RHEL 7 system ++ +---- +# yum update openshift-ansible +---- +. When installing or updating *atomic-openshift-utils*, +*_/usr/share/openshift/examples/_* does not get updated with the latest +templates. To update these files: ++ ---- -# yum update atomic-openshift-utils +# mkdir /usr/share/openshift/examples +# cp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* /usr/share/openshift/examples/ +---- + +. To persist *_/usr/share/openshift/examples/_* on all masters: ++ +---- +# mkdir /usr/share/openshift/examples +# scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* \ + user@masterx:/usr/share/openshift/examples ---- -There are two methods for running the automated upgrade: -xref:upgrading-using-the-installation-utility-to-upgrade[using the installer] -or xref:running-the-upgrade-playbook-directly[running the upgrade playbook -directly]. Choose and follow one method. +. You must be logged in as a cluster administrative user on the master host for +the upgrade to succeed: ++ +---- +$ oc login +---- -[[upgrading-using-the-installation-utility-to-upgrade]] -== Using the Installer to Upgrade +. Before upgrading to {product-title} 3.7, your cluster must be using external etcd (not embedded) and its data must be using the v3 data model: -If you installed OpenShift using the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] method, -you should have an installation configuration file located at -*_~/.config/openshift/installer.cfg.yml_*. The installer requires this file to -start an upgrade. +.. Starting in {product-title} 3.7, embedded etcd is no longer supported. If you +have an {product-title} 3.6 cluster that is using an embeded etcd, you must run +a playbook to migrate it to external etcd. See +xref:../../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating Embedded etcd to External etcd] for steps. -The installer supports upgrading between minor versions of {product-title} -(one minor version at a time, e.g., 3.4 to 3.5) as well as between -xref:../../release_notes/ocp_3_5_release_notes.adoc#ocp-35-asynchronous-errata-updates[asynchronous errata updates] within a minor version (e.g., 3.5.z). +.. If your cluster was initially installed using *openshift-ansible* version +3.6.173.0.21 or later, your etcd data is already using the v3 model. If it was +upgraded from {product-title} 3.5 to 3.6 before then, you must run a playbook to +migrate the data from the v2 model to v3. See +xref:../../install_config/upgrading/migrating_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating etcd Data (v2 to v3)] for steps. -If you have an older format installation configuration file in -*_~/.config/openshift/installer.cfg.yml_* from an existing OpenShift Enterprise -3.0 or 3.1 installation, the installer will attempt to upgrade the file to the -new supported format. If you do not have an installation configuration file of -any format, you can -xref:../../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[create -one manually]. +After satisfying these steps, there are two methods for running the automated +upgrade: -To start the upgrade, run the installer with the `upgrade` subcommand: +- xref:running-the-upgrade-playbook-directly[Running the upgrade playbook directly] ----- -# atomic-openshift-installer upgrade ----- +Choose and follow one of these methods. -Then, follow the on-screen instructions to upgrade to the latest release. When -the upgrade finishes, a recommendation will be printed to reboot all hosts. -After rebooting, continue to -xref:automated-upgrading-efk-logging-stack[Upgrading the EFK Logging Stack] if -you have aggregated logging enabled, otherwise proceed to -xref:verifying-the-upgrade[Verifying the Upgrade]. [[running-the-upgrade-playbook-directly]] == Running the Upgrade Playbook Directly -The same *_v3_5_* upgrade playbooks can be used for either of the following +The same *_v3_7_* upgrade playbooks can be used for either of the following scenarios: -- Upgrading existing {product-title} 3.4 clusters to 3.5 -- Upgrading existing {product-title} 3.5 clusters to the latest -xref:../../release_notes/ocp_3_5_release_notes.html#ocp-35-asynchronous-errata-updates[asynchronous +- Upgrading existing {product-title} 3.6 clusters to 3.7 +- Upgrading existing {product-title} 3.7 clusters to the latest +xref:../../release_notes/ocp_3_7_release_notes.html#ocp-37-asynchronous-errata-updates[asynchronous errata updates] [[upgrading-control-plane-nodes-separate-phases]] @@ -222,8 +213,8 @@ using separate playbooks. [NOTE] ==== Instructions on the full upgrade process and when to call these playbooks are -described in xref:upgrading-to-ocp-3-5[Upgrading to the Latest {product-title} -3.5 Release]. +described in xref:upgrading-to-ocp-3-7[Upgrading to the Latest {product-title} +3.7 Release]. ==== [[upgrading-to-openshift-enterprise-3-2-0]] @@ -260,8 +251,8 @@ upgrade playbook using the `-e` option. [NOTE] ==== Instructions on the full upgrade process and when to call these playbooks are -described in xref:upgrading-to-ocp-3-5[Upgrading to the Latest {product-title} -3.5 Release]. +described in xref:upgrading-to-ocp-3-7[Upgrading to the Latest {product-title} +3.7 Release]. ==== The `openshift_upgrade_nodes_serial` variable can be set to an integer or @@ -368,13 +359,31 @@ or `local_action`]. link:http://docs.ansible.com/ansible/playbooks_delegation.html#delegation[`delegate_to` or `local_action`]. -[[upgrading-to-ocp-3-5]] -=== Upgrading to the Latest {product-title} 3.5 Release +[[upgrading-to-ocp-3-7]] +=== Upgrading to the Latest {product-title} 3.7 Release -To upgrade an existing {product-title} 3.4 or 3.5 cluster to the latest 3.5 +To upgrade an existing {product-title} 3.6 or 3.7 cluster to the latest 3.7 release: -. Satisfy the steps in xref:preparing-for-an-automated-upgrade[Preparing for an Automated Upgrade] to ensure you are using the latest upgrade playbooks. +. Satisfy the steps in xref:preparing-for-an-automated-upgrade[Preparing for an +Automated Upgrade] to ensure you are using the latest upgrade playbooks. ++ +[IMPORTANT] +==== +Ensure that the steps on etcd v2 to v3 migration are satisfied, which is a +special requirement for the {product-title} 3.6 to 3.7 upgrade. +==== + +. Ensure the `openshift_deployment_type` parameter (formerly called +`deployment_type`) in your inventory file is set to `openshift-enterprise`. + +. If you have multiple masters configured and want to enable rolling, full system +restarts of the hosts, you can set the `openshift_rolling_restart_mode` +parameter in your inventory file to `system`. Otherwise, the default value +*services* performs rolling service restarts on HA masters, but does not reboot +the systems. See +xref:../install/advanced_install.adoc#configuring-cluster-variables[Configuring +Cluster Variables] for details. . Run the following command on each host to remove the *atomic-openshift* packages from the list of yum excludes on the host: @@ -402,7 +411,7 @@ one playbook; the control plane is still upgraded first, then nodes in-place: + ---- # ansible-playbook -i \ - /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml \ + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml \ [-e ] <1> ---- <1> See xref:customizing-node-upgrades[Customizing Node Upgrades] for any desired @@ -415,14 +424,14 @@ playbook: + ---- # ansible-playbook -i \ - /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml ---- .. To upgrade only the nodes, run the *_upgrade_nodes.yaml_* playbook: + ---- # ansible-playbook -i \ - /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml \ + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml \ [-e ] <1> ---- <1> See xref:customizing-node-upgrades[Customizing Node Upgrades] for any desired @@ -431,8 +440,28 @@ playbook: If you are upgrading the nodes in groups as described in xref:customizing-node-upgrades[Customizing Node Upgrades], continue invoking the *_upgrade_nodes.yml_* playbook until all nodes have been successfully upgraded. +// tag::automated_upgrade_after_reboot[] + +. After all master and node upgrades have completed, a recommendation will be +printed to reboot all hosts. After rebooting, if there are no additional +features enabled, you can xref:verifying-the-upgrade[verify the upgrade]. +Otherwise, the next step depends on what additional features have you previously +enabled. ++ +[cols="1,4"] +|=== +|Feature |Next Step + +|Service Catalog +|xref:automated-upgrading-service-catalog[Enable and configure the service catalog.] -include::install_config/upgrading/automated_upgrades.adoc[tag=automated_upgrade_after_reboot] +|Aggregated Logging +|xref:automated-upgrading-efk-logging-stack[Upgrade the EFK logging stack.] + +| Cluster Metrics +| xref:automated-upgrading-cluster-metrics[Upgrade cluster metrics.] +|=== +// end::automated_upgrade_after_reboot[] endif::[] ifdef::openshift-origin[] @@ -440,14 +469,113 @@ ifdef::openshift-origin[] include::install_config/upgrading/manual_upgrades.adoc[tag=30to31updatingcerts] endif::[] +[[automated-upgrading-service-catalog]] +== Upgrading the Service Catalog + +// tag::automated-service-catalog-upgrade-steps[] +Starting with {product-title} 3.7, the service catalog, OpenShift Ansible +broker, and template service broker are enabled and deployed by default for new +cluster installations. However, they are not deployed by default during the +upgrade from {product-title} 3.6 to 3.7, so you must run an individual component +playbook separate post-upgrade. + +[NOTE] +==== +Upgrading from the {product-title} 3.6 Technology Preview version of the service +catalog and service brokers is not supported. +==== + +To upgrade to these features: + +. See the following three sections in the +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] topic and update your inventory file accordingly: ++ +-- +- xref:../../install_config/install/advanced_install.adoc#enabling-service-catalog[Configuring the Service Catalog] +- xref:../../install_config/install/advanced_install.adoc#configuring-openshift-ansible-broker[Configuring the OpenShift Ansible Broker] +- xref:../../install_config/install/advanced_install.adoc#configuring-template-service-broker[Configuring the Template Service Broker] +-- + +. Run the following playbook: ++ +---- +# ansible-playbook -i \ + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/service-catalog.yml +---- +// end::automated-service-catalog-upgrade-steps[] + [[automated-upgrading-efk-logging-stack]] == Upgrading the EFK Logging Stack -If you have previously xref:../../install_config/aggregate_logging.adoc#install-config-aggregate-logging[deployed -the EFK logging stack] and want to upgrade to the latest logging component -images, the steps must be performed manually as shown in -xref:../../install_config/upgrading/manual_upgrades.adoc#manual-upgrading-efk-logging-stack[Manual -Upgrades]. +// tag::automated-logging-upgrade-steps[] +To upgrade an existing EFK logging stack deployment, you must use the provided +*_/usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/openshift-logging.yml_* +Ansible playbook. This is the playbook to use if you were deploying logging for +the first time on an existing cluster, but is also used to upgrade existing +logging deployments. + +. If you have not already done so, see +xref:../../install_config/aggregate_logging.adoc#aggregate-logging-ansible-variables[Specifying Logging Ansible Variables] in the +xref:../../install_config/aggregate_logging.adoc#install-config-aggregate-logging[Aggregating Container Logs] topic and update your Ansible inventory file to at least set the +following required variable within the `[OSEv3:vars]` section: ++ +---- +[OSEv3:vars] + +openshift_logging_install_logging=true <1> +openshift_logging_image_version= <2> +---- +<1> Enables the ability to upgrade the logging stack. +<2> Replace `` with `{latest-int-tag}` for the latest version. + +. Add any other `openshift_logging_*` variables that you want to specify to +override the defaults, as described in +xref:../../install_config/aggregate_logging.adoc#aggregate-logging-ansible-variables[Specifying Logging Ansible Variables]. + +. When you have finished updating your inventory file, follow the instructions in +xref:../../install_config/aggregate_logging.adoc#deploying-the-efk-stack[Deploying the EFK Stack] to run the *_openshift-logging.yml_* playbook and complete the +logging deployment upgrade. + +// end::automated-logging-upgrade-steps[] + +[[automated-upgrading-cluster-metrics]] +== Upgrading Cluster Metrics + +// tag::automated-metrics-upgrade-steps[] +To upgrade an existing cluster metrics deployment, you must use the provided +*_/usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/openshift-metrics.yml_* +Ansible playbook. This is the playbook to use if you were deploying metrics for +the first time on an existing cluster, but is also used to upgrade existing +metrics deployments. + +. If you have not already done so, see +xref:../../install_config/cluster_metrics.adoc#metrics-ansible-variables[Specifying Metrics Ansible Variables] in the +xref:../../install_config/cluster_metrics.adoc#install-config-cluster-metrics[Enabling Cluster Metrics] topic and update your Ansible inventory file to at least set the +following required variables within the `[OSEv3:vars]` section: ++ +---- +[OSEv3:vars] + +openshift_metrics_install_metrics=true <1> +openshift_metrics_image_version= <2> +openshift_metrics_hawkular_hostname= <3> +openshift_metrics_cassandra_storage_type=(emptydir|pv|dynamic) <4> +---- +<1> Enables the ability to upgrade the metrics deployment. +<2> Replace `` with `{latest-int-tag}` for the latest version. +<3> Used for the Hawkular Metrics route. Should correspond to a fully qualified +domain name. +<4> Choose a type that is consistent with the previous deployment. + +. Add any other `openshift_metrics_*` variables that you want to specify to +override the defaults, as described in +xref:../../install_config/cluster_metrics.adoc#metrics-ansible-variables[Specifying +Metrics Ansible Variables]. + +. When you have finished updating your inventory file, follow the instructions in +xref:../../install_config/cluster_metrics.html#deploying-the-metrics-components[Deploying the Metrics Deployment] to run the *_openshift_metrics.yml_* playbook and +complete the metrics deployment upgrade. +// end::automated-metrics-upgrade-steps[] [[verifying-the-upgrade]] == Verifying the Upgrade diff --git a/install_config/upgrading/blue_green_deployments.adoc b/install_config/upgrading/blue_green_deployments.adoc index ea2148c6ee3f..2a68f6115ba7 100644 --- a/install_config/upgrading/blue_green_deployments.adoc +++ b/install_config/upgrading/blue_green_deployments.adoc @@ -13,21 +13,6 @@ toc::[] == Overview -[IMPORTANT] -==== -An etcd performance issue has been discovered on new and upgraded {product-title} -ifdef::openshift-enterprise[] -3.5 -endif::[] -ifdef::openshift-origin[] -1.4+ -endif::[] -clusters. See the following Knowledgebase Solution for further details: - -https://access.redhat.com/solutions/2916381[] + -(link:https://bugzilla.redhat.com/show_bug.cgi?id=1415839[*BZ#1415839*]) -==== - [NOTE] ==== This topic serves as an alternative approach for node host upgrades to the in-place diff --git a/install_config/upgrading/index.adoc b/install_config/upgrading/index.adoc index 5d931f33eb60..00e4e3528e22 100644 --- a/install_config/upgrading/index.adoc +++ b/install_config/upgrading/index.adoc @@ -15,9 +15,9 @@ https://github.com/openshift/origin/releases[Releases page] on GitHub to review the latest changes. endif::[] ifdef::openshift-enterprise[] -This includes upgrading from previous minor versions, such as release 3.2 to -3.3, and applying asynchronous errata updates within a minor version (3.3.z -releases). See the xref:../../release_notes/ocp_3_3_release_notes.adoc#release-notes-ocp-3-3-release-notes[{product-title} 3.3 Release Notes] to review the latest changes. +This includes upgrading from previous minor versions, such as release 3.6 to +3.7, and applying asynchronous errata updates within a minor version (3.7.z +releases). See the xref:../../release_notes/ocp_3_7_release_notes.adoc#release-notes-ocp-3-7-release-notes[{product-title} 3.7 Release Notes] to review the latest changes. [NOTE] ==== diff --git a/install_config/upgrading/manual_upgrades.adoc b/install_config/upgrading/manual_upgrades.adoc new file mode 100644 index 000000000000..9c773702617d --- /dev/null +++ b/install_config/upgrading/manual_upgrades.adoc @@ -0,0 +1,1648 @@ +[[install-config-upgrading-manual-upgrades]] += Performing Manual In-place Cluster Upgrades +{product-author} +{product-version} +:latest-tag: v3.7.9 +:latest-int-tag: v3.7.9 +:data-uri: +:icons: +:experimental: +:toc: macro +:toc-title: +:prewrap!: + +toc::[] + +== Overview + +As an alternative to performing an +xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated upgrade], +you can manually upgrade your OpenShift cluster. To manually upgrade without +disruption, it is important to upgrade each component as documented in this +topic. + +Before you begin your upgrade, familiarize yourself now with the entire +procedure. xref:additional-instructions-per-release[Specific releases may +require additional steps] to be performed at key points before or during the +standard upgrade process. + +[IMPORTANT] +==== +Ensure that you have met all +xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[prerequisites] +before proceeding with an upgrade. Failure to do so can result in a failed +upgrade. +==== + +[[preparing-for-a-manual-upgrade]] +== Preparing for a Manual Upgrade + +[NOTE] +==== +Before upgrading your cluster to {product-title} 3.7, the cluster must be +already upgraded to the +link:https://docs.openshift.com/container-platform/3.6/release_notes/ocp_3_6_release_notes.html#ocp-36-asynchronous-errata-updates[latest asynchronous release of version 3.6]. Cluster upgrades cannot span more than one +minor version at a time, so if your cluster is at a version earlier than 3.6, +you must first upgrade incrementally (e.g., 3.4 to 3.5, then 3.5 to 3.6). +==== + +[NOTE] +==== +Before attempting the upgrade, follow the steps in +xref:manual-upgrades-verifying-the-upgrade[Verifying the Upgrade] to verify the +cluster's health. This will confirm that nodes are in the *Ready* state, running +the expected starting version, and will ensure that there are no diagnostic +errors or warnings. +==== + +To prepare for a manual upgrade, follow these steps: + +ifdef::openshift-enterprise[] + +. If you are upgrading from {product-title} 3.6 to 3.7, manually disable the 3.6 +channel and enable the 3.7 channel on each host: ++ +---- +# subscription-manager repos --disable="rhel-7-server-ose-3.6-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" \ + --enable="rhel-7-server-extras-rpms" \ + --enable="rhel-7-fast-datapath-rpms" +---- ++ +On RHEL 7 systems, also clear the *yum* cache: ++ +---- +# yum clean all +---- +endif::[] + +. Install or update to the latest available version of the +*atomic-openshift-utils* package on each RHEL 7 system, which provides files +that will be used in later sections: ++ +---- +# yum install atomic-openshift-utils +---- + +. When installing or updating *atomic-openshift-utils*, +*_/usr/share/openshift/examples/_* does not get updated with the latest +templates. To update these files: ++ +---- +# mkdir /usr/share/openshift/examples +# cp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* /usr/share/openshift/examples/ +---- + +. Install or update to the following latest available **-excluder* packages on +each RHEL 7 system, which helps ensure your systems stay on the correct versions +of *atomic-openshift* and *docker* packages when you are not trying to upgrade, +according to the {product-title} version: ++ +---- +# yum install atomic-openshift-excluder atomic-openshift-docker-excluder +---- ++ +These packages add entries to the `exclude` directive in the host's +*_/etc/yum.conf_* file. + +. Create an *etcd* backup on each master. The *etcd* package is required, even if +using embedded etcd, for access to the `etcdctl` command to make the backup. ++ +[NOTE] +==== +The *etcd* package is installed by default for RHEL Atomic Host 7 systems. If +the master is a RHEL 7 system and *etcd* is not already installed, install it +now: + +---- +# yum install etcd +---- +==== ++ +To create the backup, run: ++ +---- +# ETCD_DATA_DIR=/var/lib/etcd <1> +# etcdctl backup \ + --data-dir $ETCD_DATA_DIR \ + --backup-dir $ETCD_DATA_DIR.bak. <2> +---- +<1> This directory is for external etcd. +<2> Use the date of the backup, or some unique identifier, for ``. +The command will not make a backup if the `--backup-dir` location +already exists. + +. For any upgrade path, ensure that you are running the latest kernel on +each RHEL 7 system: ++ +---- +# yum update kernel +---- + +[[upgrading-masters]] +== Upgrading Master Components + +Before upgrading any stand-alone nodes, upgrade the master components (which +provide the _control plane_ for the cluster). + +. Run the following command on each master to remove the *atomic-openshift* +packages from the list of yum excludes on the host: ++ +---- +# atomic-openshift-excluder unexclude +---- + +. Upgrade *etcd* on all master hosts and any external etcd hosts. + +.. For RHEL 7 systems using the RPM-based method: + +... Upgrade the *etcd* package: ++ +---- +# yum update etcd +---- + +... Restart the *etcd* service and review the logs to ensure it restarts +successfully: ++ +---- +# systemctl restart etcd +# journalctl -r -u etcd +---- + +.. For RHEL Atomic Host 7 systems and RHEL 7 systems using the containerized +method: + +... Pull the latest *rhel7/etcd* image: ++ +---- +# docker pull registry.access.redhat.com/rhel7/etcd +---- + +... Restart the *etcd_container* service and review the logs to ensure it restarts +successfully: ++ +---- +# systemctl restart etcd_container +# journalctl -r -u etcd_container +---- + +ifdef::openshift-origin[] +. On each master host, upgrade the *origin-master* package: ++ +---- +# yum upgrade origin-master +---- + +. If you are upgrading from OpenShift Origin 1.0 to 1.1: + +.. Create the following master proxy client certificates: ++ +---- +# cd /etc/origin/master/ +# oadm ca create-master-certs --cert-dir=/etc/origin/master/ \ + --master=https://:8443 \ + --public-master=https://:8443 \ + --hostnames=,,localhost,127.0.0.1,,kubernetes.default.local \ + --overwrite=false +---- ++ +This creates files at *_/etc/origin/master/master.proxy-client.{crt,key}_*. +Then, add the master proxy client certificates to the +*_/etc/origin/master/master-config.yml_* file on each master: ++ +---- +kubernetesMasterConfig: + proxyClientInfo: + certFile: master.proxy-client.crt + keyFile: master.proxy-client.key +---- + +.. Enable the following renamed service(s) on master hosts. ++ +For single master clusters: ++ +---- +# systemctl enable origin-master +---- ++ +For multi-master clusters: ++ +---- +# systemctl enable origin-master-api +# systemctl enable origin-master-controllers +---- + +. Restart the master service(s) on each master and review logs to ensure they +restart successfully. ++ +For single master clusters: ++ +---- +# systemctl restart origin-master +# journalctl -r -u origin-master +---- ++ +For multi-master clusters: ++ +---- +# systemctl restart origin-master-controllers +# systemctl restart origin-master-api +# journalctl -r -u origin-master-controllers +# journalctl -r -u origin-master-api +---- + +. Because masters also have node components running on them in order to be +configured as part of the OpenShift SDN, restart the *origin-node* and +*openvswitch* services: ++ +---- +# systemctl restart openvswitch +# systemctl restart origin-node +# journalctl -r -u openvswitch +# journalctl -r -u origin-node +---- + +endif::[] +ifdef::openshift-enterprise[] +. On each master host, upgrade the *atomic-openshift* packages or related images. + +.. For masters using the RPM-based method on a RHEL 7 system, upgrade all installed +*atomic-openshift* packages and the *openvswitch* package: ++ +---- +# yum upgrade atomic-openshift\* openvswitch +---- + +.. For masters using the containerized method on a RHEL 7 or RHEL Atomic Host 7 +system, set the `*IMAGE_VERSION*` parameter to the version you are upgrading to +in the following files: ++ +-- +- *_/etc/sysconfig/atomic-openshift-master_* (single master clusters only) +- *_/etc/sysconfig/atomic-openshift-master-controllers_* (multi-master clusters only) +- *_/etc/sysconfig/atomic-openshift-master-api_* (multi-master clusters only) +- *_/etc/sysconfig/atomic-openshift-node_* +- *_/etc/sysconfig/atomic-openshift-openvswitch_* +-- ++ +For example: ++ +---- +IMAGE_VERSION= +---- ++ +Replace `` with `{latest-tag}` for the latest version. + +. Restart the master service(s) on each master and review logs to ensure they +restart successfully. ++ +For single master clusters: ++ +---- +# systemctl restart atomic-openshift-master +# journalctl -r -u atomic-openshift-master +---- ++ +For multi-master clusters: ++ +---- +# systemctl restart atomic-openshift-master-controllers +# systemctl restart atomic-openshift-master-api +# journalctl -r -u atomic-openshift-master-controllers +# journalctl -r -u atomic-openshift-master-api +---- + +. Because masters also have node components running on them in order to be +configured as part of the OpenShift SDN, restart the *atomic-openshift-node* and +*openvswitch* services: ++ +---- +# systemctl restart openvswitch +# systemctl restart atomic-openshift-node +# journalctl -r -u openvswitch +# journalctl -r -u atomic-openshift-node +---- + +endif::[] +. If you are performing a cluster upgrade that requires updating Docker to version +1.12, you must also perform the following steps if you are not already on Docker +1.12: ++ +[IMPORTANT] +==== +The node component on masters is set by default to unschedulable status during +initial installation, so that pods are not deployed to them. However, it is +possible to set them schedulable during the initial installation or manually +thereafter. If any of your masters are also configured as a schedulable node, +skip the following Docker upgrade steps for those masters and instead run all +steps described in xref:upgrading-nodes[Upgrading Nodes] when you get to that +section for those hosts as well. +==== + +.. Upgrade the *docker* package. + +... For RHEL 7 systems: ++ +---- +# yum update docker +---- ++ +Then, restart the *docker* service and review the logs to ensure it restarts +successfully: ++ +---- +# systemctl restart docker +# journalctl -r -u docker +---- + +... For RHEL Atomic Host 7 systems, upgrade to the latest Atomic tree if one is +available: ++ +[NOTE] +==== +If upgrading to RHEL Atomic Host 7.4.2, this upgrades Docker to version 1.12. +==== ++ +---- +# atomic host upgrade +---- + +.. After the upgrade is completed and prepared for the next boot, reboot the host +and ensure the *docker* service starts successfully: ++ +---- +# systemctl reboot +# journalctl -r -u docker +---- + +.. Remove the following file, which is no longer required: ++ +---- +# rm /etc/systemd/system/docker.service.d/docker-sdn-ovs.conf +---- + +. Run the following command on each master to add the *atomic-openshift* packages +back to the list of yum excludes on the host: ++ +---- +# atomic-openshift-excluder exclude +---- + +[NOTE] +==== +During the cluster upgrade, it can sometimes be useful to take a master out of +rotation since some DNS client libraries will not properly to the other masters +for cluster DNS. In addition to stopping the master and controller services, you +can remove the EndPoint from the Kubernetes service's `*subsets.addresses*`. + +---- +$ oc edit ep/kubernetes -n default +---- + +When the master is restarted, the Kubernetes service will be automatically +updated. +==== + +[[updating-policy-definitions]] +== Updating Policy Definitions + +After a cluster upgrade, the default roles +xref:../../architecture/additional_concepts/authorization.adoc#roles[default +cluster roles] are automatically updated. To check if all defaults are set as +recommended for your environment, run: + +---- +# oadm policy reconcile-cluster-roles +---- + +[WARNING] +==== +If you have customized default cluster roles and want to ensure a role reconciliation +does not modify those customized roles, annotate them with `openshift.io/reconcile-protect` +set to `true` when using the old Openshift policy format. When using the new RBAC +roles, use `rbac.authorization.kubernetes.io/autoupdate` set to `false` instead. +In doing so, you are responsible for manually updating those roles with any new +or required permissions during upgrades. +==== + +This command outputs a list of roles that are out of date and their new proposed +values. For example: + +---- +# oadm policy reconcile-cluster-roles +apiVersion: v1 +items: +- apiVersion: v1 + kind: ClusterRole + metadata: + creationTimestamp: null + name: admin + rules: + - attributeRestrictions: null + resources: + - builds/custom +... +---- + +[NOTE] +==== +Your output will vary based on the OpenShift version and any local +customizations you have made. Review the proposed policy carefully. +==== + +You can either modify this output to re-apply any local policy changes you have +made, or you can automatically apply the new policy using the following process: + +. Reconcile the cluster roles: ++ +---- +# oadm policy reconcile-cluster-roles \ + --additive-only=true \ + --confirm +---- + +. Reconcile the cluster role bindings: ++ +---- +# oadm policy reconcile-cluster-role-bindings \ + --exclude-groups=system:authenticated \ + --exclude-groups=system:authenticated:oauth \ + --exclude-groups=system:unauthenticated \ + --exclude-users=system:anonymous \ + --additive-only=true \ + --confirm +---- ++ +Also run: ++ +---- +# oadm policy reconcile-cluster-role-bindings \ + system:build-strategy-jenkinspipeline \ + --confirm \ + -o name +---- + +. Reconcile security context constraints: ++ +---- +# oadm policy reconcile-sccs \ + --additive-only=true \ + --confirm +---- + +[[upgrading-nodes]] +== Upgrading Nodes + +After upgrading your masters, you can upgrade your nodes. When restarting the +ifdef::openshift-origin[] +*origin-node* service, there will be a brief disruption of outbound network +endif::[] +ifdef::openshift-enterprise[] +*atomic-openshift-node* service, there will be a brief disruption of outbound network +endif::[] +connectivity from running pods to services while the +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#service-proxy[service +proxy] is restarted. The length of this disruption should be very short and +scales based on the number of services in the entire cluster. + +[NOTE] +==== +You can alternatively use the +xref:../../install_config/upgrading/blue_green_deployments.adoc#upgrading-blue-green-deployments[blue-green +deployment] method at this point to create a parallel environment for new nodes +instead of upgrading them in place. +==== + +One at at time for each node that is not also a master, you must disable +scheduling and evacuate its pods to other nodes, then upgrade packages and +restart services. + +. Run the following command on each node to remove the *atomic-openshift* +packages from the list of yum excludes on the host: ++ +---- +# atomic-openshift-excluder unexclude +---- + +. As a user with *cluster-admin* privileges, disable scheduling for the node: ++ +---- +# oadm manage-node --schedulable=false +---- + +. Evacuate pods on the node to other nodes: ++ +[IMPORTANT] +==== +The `--force` option deletes any pods that are not backed by a replication +controller. +==== ++ +---- +# oadm drain --force --delete-local-data --ignore-daemonsets +---- + +ifdef::openshift-origin[] +. On the node host, upgrade all *origin* packages: ++ +---- +# yum upgrade origin\* +---- + +. If you are upgrading from OpenShift Origin 1.0 to 1.1, enable the following +renamed service on the node host: ++ +---- +# systemctl enable origin-node +---- + +. Restart the *origin-node* and *openvswitch* services and review the logs to +ensure they restart successfully: ++ +---- +# systemctl restart openvswitch +# systemctl restart origin-node +# journalctl -r -u origin-node +# journalctl -r -u openvswitch +---- + +endif::[] +ifdef::openshift-enterprise[] +. Upgrade the node component packages or related images. + +.. For nodes using the RPM-based method on a RHEL 7 system, upgrade all installed +*atomic-openshift* packages and the *openvswitch* package: ++ +---- +# yum upgrade atomic-openshift\* openvswitch +---- + +.. For nodes using the containerized method on a RHEL 7 or RHEL Atomic Host 7 +system, set the `*IMAGE_VERSION*` parameter in the +*_/etc/sysconfig/atomic-openshift-node_* and *_/etc/sysconfig/openvswitch_* +files to the version you are upgrading to. For example: ++ +---- +IMAGE_VERSION= +---- ++ +Replace `` with `{latest-tag}` for the latest version. + +. Restart the *atomic-openshift-node* and *openvswitch* services and review the +logs to ensure they restart successfully: ++ +---- +# systemctl restart openvswitch +# systemctl restart atomic-openshift-node +# journalctl -r -u atomic-openshift-node +# journalctl -r -u openvswitch +---- +endif::[] + +. If you are performing a cluster upgrade that requires updating Docker to version +1.12, you must also perform the following steps if you are not already on Docker +1.12: + +.. Upgrade the *docker* package. + +... For RHEL 7 systems: ++ +---- +# yum update docker +---- ++ +Then, restart the *docker* service and review the logs to ensure it restarts +successfully: ++ +---- +# systemctl restart docker +# journalctl -r -u docker +---- ++ +After Docker is restarted, restart the *atomic-openshift-node* service again and +review the logs to ensure it restarts successfully: ++ +---- +# systemctl restart atomic-openshift-node +# journalctl -r -u atomic-openshift-node +---- + +... For RHEL Atomic Host 7 systems, upgrade to the latest Atomic tree if one is +available: ++ +[NOTE] +==== +If upgrading to RHEL Atomic Host 7.4.2, this upgrades Docker to version 1.12. +==== ++ +---- +# atomic host upgrade +---- ++ +After the upgrade is completed and prepared for the next boot, reboot the host +and ensure the *docker* service starts successfully: ++ +---- +# systemctl reboot +# journalctl -r -u docker +---- + +.. Remove the following file, which is no longer required: ++ +---- +# rm /etc/systemd/system/docker.service.d/docker-sdn-ovs.conf +---- + +. Re-enable scheduling for the node: ++ +---- +# oadm manage-node --schedulable +---- + +. Run the following command on each node to add the *atomic-openshift* packages +back to the list of yum excludes on the host: ++ +---- +# atomic-openshift-excluder exclude +---- + +. Repeat the previous steps on the next node, and continue repeating these steps +until all nodes have been upgraded. + +. After all nodes have been upgraded, as a user with *cluster-admin* privileges, +verify that all nodes are showing as *Ready*: ++ +---- +# oc get nodes +NAME STATUS AGE +master.example.com Ready,SchedulingDisabled 165d +node1.example.com Ready 165d +node2.example.com Ready 165d +---- + +[[upgrading-the-router]] +== Upgrading the Router + +If you have previously +xref:../../install_config/router/index.adoc#install-config-router-overview[deployed a router], the +router deployment configuration must be upgraded to apply updates contained in +the router image. To upgrade your router without disrupting services, you must +have previously deployed a +xref:../../admin_guide/high_availability.adoc#configuring-a-highly-available-service[highly-available +routing service]. + +ifdef::openshift-origin[] +[IMPORTANT] +==== +If you are upgrading to OpenShift Origin 1.0.4 or 1.0.5, first see the +xref:additional-instructions-per-release[Additional Manual Instructions per +Release] section for important steps specific to your upgrade, then continue +with the router upgrade as described in this section. +==== +endif::[] + +Edit your router's deployment configuration. For example, if it has the default +*router* name: + +---- +# oc edit dc/router +---- + +Apply the following changes: + +---- +... +spec: + template: + spec: + containers: + - env: + ... +ifdef::openshift-enterprise[] + image: registry.access.redhat.com/openshift3/ose-haproxy-router: <1> +endif::[] +ifdef::openshift-origin[] + image: openshift/origin-haproxy-router:v1.0.6 <1> +endif::[] + imagePullPolicy: IfNotPresent + ... +---- +<1> Adjust `` to match the version you are upgrading to (use `{latest-tag}` +for the latest version). + +You should see one router pod updated and then the next. + +[[upgrading-the-registry]] +== Upgrading the Registry + +The registry must also be upgraded for changes to take effect in the registry +image. If you have used a `*PersistentVolumeClaim*` or a host mount point, you +may restart the registry without losing the contents of your registry. +xref:../../install_config/registry/deploy_registry_existing_clusters.adoc#storage-for-the-registry[Storage for the Registry] details how to configure persistent storage for the registry. + +Edit your registry's deployment configuration: + +---- +# oc edit dc/docker-registry +---- + +Apply the following changes: + +---- +... +spec: + template: + spec: + containers: + - env: + ... +ifdef::openshift-enterprise[] + image: registry.access.redhat.com/openshift3/ose-docker-registry: <1> +endif::[] +ifdef::openshift-origin[] + image: openshift/origin-docker-registry:v1.0.4 <1> +endif::[] + imagePullPolicy: IfNotPresent + ... +---- +<1> Adjust `` to match the version you are upgrading to (use `{latest-tag}` +for the latest version). + +ifdef::openshift-enterprise[] +If the registry console is deployed, edit its deployment configuration: + +---- +# oc edit dc/registry-console +---- + +Apply the following changes: + +---- +... +spec: + template: + spec: + containers: + - env: + ... + image: registry.access.redhat.com/openshift3/registry-console:v3.7 + imagePullPolicy: IfNotPresent + ... +---- +endif::[] + +[IMPORTANT] +==== +Images that are being pushed or pulled from the internal registry at the time of +upgrade will fail and should be restarted automatically. This will not disrupt +pods that are already running. +==== + +ifdef::openshift-origin[] +[[updating-the-registry-configuration-file]] +=== Updating Custom Registry Configuration Files + +[NOTE] +==== +You may safely skip this part if you do not use a custom registry configuration +file. +==== + +The internal Docker registry version 1.4.0 and higher requires following entries +in the +xref:../registry/extended_registry_configuration.adoc#docker-registry-configuration-reference-middleware[middleware section] of the configuration file: + +[source,yaml] +---- +middleware: + registry: + - name: openshift + repository: + - name: openshift + storage: + - name: openshift +---- + +. Edit your custom configuration file, adding the missing entries. + +. xref:../registry/extended_registry_configuration.adoc#advanced-overriding-the-registry-configuration[Deploy +your updated configuration]. + +. Append the `--overwrite` flag to `oc volume +dc/docker-registry --add` to replace a volume mount of your previous secret. + +. You can safely remove the old secret. + +[[enforcing-quota-in-the-registry]] +=== Enforcing Quota in the Registry + +Quota must be enforced to prevent layer blobs that exceed the size limit from +being written to the registry's storage. This can be achieved via a +xref:../registry/extended_registry_configuration.adoc#registry-configuration-reference[configuration file]: + +---- +... +middleware: + repository: + - name: openshift + options: + enforcequota: true +... +---- + +Alternatively, use the `*REGISTRY_MIDDLEWARE_REPOSITORY_OPENSHIFT_ENFORCEQUOTA*` +environment variable, which is set to `*true*` for the new registry deployments +by default. Existing deployments need to be modified using: + +---- +# oc set env dc/docker-registry REGISTRY_MIDDLEWARE_REPOSITORY_OPENSHIFT_ENFORCEQUOTA=true +---- +endif::[] + +[[updating-the-default-image-streams-and-templates]] +== Updating the Default Image Streams and Templates + +ifdef::openshift-origin[] +By default, the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced +installation] method automatically creates default image streams, InstantApp +templates, and database service templates in the *openshift* project, which is a +default project to which all users have view access. These objects were created +during installation from the JSON files located under +*_/usr/share/openshift/examples_*. + +To update these objects: + +. Ensure that you have the latest *openshift-ansible* code checked out, which +provides the example JSON files: ++ +---- +# cd ~/openshift-ansible +# git pull https://github.com/openshift/openshift-ansible master +---- +endif::[] +ifdef::openshift-enterprise[] +By default, the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +methods automatically create default image streams, InstantApp templates, and +database service templates in the *openshift* project, which is a default +project to which all users have view access. These objects were created during +installation from the JSON files located under the +*_/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/_* +directory. + +[NOTE] +==== +Because RHEL Atomic Host 7 cannot use *yum* to update packages, the following +steps must take place on a RHEL 7 system. +==== + +Update the packages that provide the example JSON files. On a subscribed Red +Hat Enterprise Linux 7 system where you can run the CLI as a user with +*cluster-admin* permissions, install or update to the latest version of the *openshift-ansible* packages: + +---- +# yum update openshift-ansible +---- + +To persist *_/usr/share/openshift/examples/_* on the first master: + +---- +scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@master1:/usr/share/openshift/examples/ +---- + +To persist *_/usr/share/openshift/examples/_* on all masters: + +---- +mkdir /usr/share/openshift/examples +scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@masterx:/usr/share/openshift/examples +---- + +The *openshift-ansible-roles* package provides the latest example JSON files. +endif::[] + +. After a manual upgrade, get the latest templates from +*openshift-ansible-roles*: ++ +---- +rpm -ql openshift-ansible-roles | grep examples | grep v3.7 +---- ++ +In this example, +*_/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/image-streams/image-streams-rhel7.json_* +is the latest file that you want in the latest *openshift-ansible-roles* package. ++ +*_/usr/share/openshift/examples/image-streams/image-streams-rhel7.json_* is not +owned by a package, but is updated by Ansible. If you are upgrading outside of +Ansible. you need to get the latest .json files on the system where you are +running `oc`, which can run anywhere that has access to the master. + +. Install *atomic-openshift-utils* and its dependencies to install the new content +into +*_/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/_*.: ++ +---- +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/image-streams/image-streams-rhel7.json +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams.json +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/image-streams/image-streams-rhel7.json +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams.json +---- + +. Update the templates: ++ +---- +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/ +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/db-templates/ +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/infrastructure-templates/ +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/xpaas-templates/ +$ oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/xpaas-streams/ +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/ +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/db-templates/ +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/infrastructure-templates/ +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/xpaas-templates/ +$ oc replace -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/xpaas-streams/ +---- ++ +Errors are generated for items that already exist. This is expected behavior: ++ +---- +# oc create -n openshift -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/ +Error from server: error when creating "/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json": templates "cakephp-mysql-example" already exists +Error from server: error when creating "/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp.json": templates "cakephp-example" already exists +Error from server: error when creating "/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json": templates "dancer-mysql-example" already exists +Error from server: error when creating "/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer.json": templates "dancer-example" already exists +Error from server: error when creating "/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json": templates "django-psql-example" already exists +---- + +Now, content can be updated. Without running the automated upgrade playbooks, +the content is not updated in *_/usr/share/openshift/_*. + +[[importing-the-latest-images]] +== Importing the Latest Images + +After xref:updating-the-default-image-streams-and-templates[updating the +default image streams], you may also want to ensure that the images within those +streams are updated. For each image stream in the default *openshift* project, +you can run: + +---- +# oc import-image -n openshift +---- + +For example, get the list of all image streams in the default *openshift* +project: + +==== +---- +# oc get is -n openshift +NAME DOCKER REPO TAGS UPDATED +mongodb registry.access.redhat.com/openshift3/mongodb-24-rhel7 2.4,latest,v3.1.1.6 16 hours ago +mysql registry.access.redhat.com/openshift3/mysql-55-rhel7 5.5,latest,v3.1.1.6 16 hours ago +nodejs registry.access.redhat.com/openshift3/nodejs-010-rhel7 0.10,latest,v3.1.1.6 16 hours ago +... +---- +==== + +Update each image stream one at a time: + +==== +---- +# oc import-image -n openshift nodejs +The import completed successfully. + +Name: nodejs +Created: 10 seconds ago +Labels: +Annotations: openshift.io/image.dockerRepositoryCheck=2016-07-05T19:20:30Z +Docker Pull Spec: 172.30.204.22:5000/openshift/nodejs + +Tag Spec Created PullSpec Image +latest 4 9 seconds ago registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest 570ad8ed927fd5c2c9554ef4d9534cef808dfa05df31ec491c0969c3bd372b05 +4 registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest 9 seconds ago 570ad8ed927fd5c2c9554ef4d9534cef808dfa05df31ec491c0969c3bd372b05 +0.10 registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest 9 seconds ago a1ef33be788a28ec2bdd48a9a5d174ebcfbe11c8e986d2996b77f5bccaaa4774 +---- +==== + +[IMPORTANT] +==== +In order to update your S2I-based applications, you must manually trigger a new +build of those applications after importing the new images using `oc start-build +`. +==== + +ifdef::openshift-origin[] +:sect: manual +// tag::30to31updatingcerts[] +[id='{sect}-updating-master-and-node-certificates'] +== Updating Master and Node Certificates + +The following steps may be required for any OpenShift cluster that was +originally installed prior to the +https://github.com/openshift/origin/releases[OpenShift Origin 1.0.8 release]. +This may include any and all updates from that version. + +[id='{sect}-updating-node-certificates'] +=== Node Certificates + +With the 1.0.8 release, certificates for each of the kubelet nodes were updated +to include the IP address of the node. Any node certificates generated before +the 1.0.8 release may not contain the IP address of the node. + +If a node is missing the IP address as part of its certificate, clients may +refuse to connect to the kubelet endpoint. Usually this will result in errors +regarding the certificate not containing an `IP SAN`. + +In order to remedy this situation, you may need to manually update the +certificates for your node. + +[id='{sect}-checking-the-nodes-certificate'] +==== Checking the Node's Certificate + +The following command can be used to determine which Subject Alternative Names +(SANs) are present in the node's serving certificate. In this example, the +Subject Alternative Names are *mynode*, *mynode.mydomain.com*, and *1.2.3.4*: + +==== +---- +# openssl x509 -in /etc/origin/node/server.crt -text -noout | grep -A 1 "Subject Alternative Name" +X509v3 Subject Alternative Name: +DNS:mynode, DNS:mynode.mydomain.com, IP: 1.2.3.4 +---- +==== + +Ensure that the `*nodeIP*` value set in the +*_/etc/origin/node/node-config.yaml_* file is present in the IP values from the +Subject Alternative Names listed in the node's serving certificate. If the +`*nodeIP*` is not present, then it will need to be added to the node's +certificate. + +If the `*nodeIP*` value is already contained within the Subject Alternative +Names, then no further steps are required. + +You will need to know the Subject Alternative Names and `*nodeIP*` value for the +following steps. + +[id='{sect}-generating-a-new-node-certificate'] +==== Generating a New Node Certificate + +If your current node certificate does not contain the proper IP address, then +you must regenerate a new certificate for your node. + +[IMPORTANT] +==== +Node certificates will be regenerated on the master (or first master) and are +then copied into place on node systems. +==== + +. Create a temporary directory in which to perform the following steps: ++ +---- +# mkdir /tmp/node_certificate_update +# cd /tmp/node_certificate_update +---- + +. Export the signing options: ++ +---- +# export signing_opts="--signer-cert=/etc/origin/master/ca.crt \ + --signer-key=/etc/origin/master/ca.key \ + --signer-serial=/etc/origin/master/ca.serial.txt" +---- + +. Generate the new certificate: ++ +---- +# oadm ca create-server-cert --cert=server.crt \ + --key=server.key $signing_opts \ + --hostnames=, +---- ++ +For example, if the Subject Alternative Names from before were *mynode*, +*mynode.mydomain.com*, and *1.2.3.4*, and the `*nodeIP*` was 10.10.10.1, then +you would need to run the following command: ++ +---- +# oadm ca create-server-cert --cert=server.crt \ + --key=server.key $signing_opts \ + --hostnames=mynode,mynode.mydomain.com,1.2.3.4,10.10.10.1 +---- + +[id='{sect}-replace-node-serving-certificates'] +==== Replace Node Serving Certificates + +Back up the existing *_/etc/origin/node/server.crt_* and +*_/etc/origin/node/server.key_* files for your node: + +---- +# mv /etc/origin/node/server.crt /etc/origin/node/server.crt.bak +# mv /etc/origin/node/server.key /etc/origin/node/server.key.bak +---- + +You must now copy the new *_server.crt_* and *_server.key_* created in the +temporary directory during the previous step: + +---- +# mv /tmp/node_certificate_update/server.crt /etc/origin/node/server.crt +# mv /tmp/node_certificate_update/server.key /etc/origin/node/server.key +---- + +After you have replaced the node's certificate, restart the node service: + +---- +# systemctl restart origin-node +---- + +[id='{sect}-updating-master-certificates'] +=== Master Certificates + +With the 1.0.8 release, certificates for each of the masters were updated to +include all names that pods may use to communicate with masters. Any master +certificates generated before the 1.0.8 release may not contain these additional +service names. + +[id='{sect}-checking-the-masters-certificate'] +==== Checking the Master's Certificate + +The following command can be used to determine which Subject Alternative Names +(SANs) are present in the master's serving certificate. In this example, the +Subject Alternative Names are *mymaster*, *mymaster.mydomain.com*, and +*1.2.3.4*: + +---- +# openssl x509 -in /etc/origin/master/master.server.crt -text -noout | grep -A 1 "Subject Alternative Name" +X509v3 Subject Alternative Name: +DNS:mymaster, DNS:mymaster.mydomain.com, IP: 1.2.3.4 +---- + +Ensure that the following entries are present in the Subject Alternative Names +for the master's serving certificate: + +[options="header"] +|=== +|Entry |Example + +|Kubernetes service IP address +|172.30.0.1 + +|All master host names +|*master1.example.com* + +|All master IP addresses +|192.168.122.1 + +|Public master host name in clustered environments +|*public-master.example.com* + +|*kubernetes* +| + +|*kubernetes.default* +| + +|*kubernetes.default.svc* +| + +|*kubernetes.default.svc.cluster.local* +| + +|*openshift* +| + +|*openshift.default* +| + +|*openshift.default.svc* +| + +|*openshift.default.svc.cluster.local* +| +|=== + +If these names are already contained within the Subject Alternative Names, then +no further steps are required. + +[id='{sect}-generating-a-new-master-certificate'] +==== Generating a New Master Certificate + +If your current master certificate does not contain all names from the list +above, then you must generate a new certificate for your master: + +. Back up the existing *_/etc/origin/master/master.server.crt_* and +*_/etc/origin/master/master.server.key_* files for your master: ++ +---- +# mv /etc/origin/master/master.server.crt /etc/origin/master/master.server.crt.bak +# mv /etc/origin/master/master.server.key /etc/origin/master/master.server.key.bak +---- + +. Export the service names. These names will be used when generating the new +certificate: ++ +---- +# export service_names="kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster.local,openshift,openshift.default,openshift.default.svc,openshift.default.svc.cluster.local" +---- + +. You will need the first IP in the services +subnet (the *kubernetes* service IP) as well as the values of `*masterIP*`, +`*masterURL*` and `*publicMasterURL*` contained in the +*_/etc/origin/master/master-config.yaml_* file for the following steps. ++ +The *kubernetes* service IP can be obtained with: ++ +---- +# oc get svc/kubernetes --template='{{.spec.clusterIP}}' +---- + +. Generate the new certificate: ++ +==== +---- +# oadm ca create-master-certs \ + --hostnames=,,,$service_names \ <1> <2> <3> + --master= \ <4> + --public-master= \ <5> + --cert-dir=/etc/origin/master/ \ + --overwrite=false +---- +<1> Adjust `` to match your master host name. In a clustered +environment, add all master host names. +<2> Adjust `` to match the value of `*masterIP*`. In a +clustered environment, add all master IP addresses. +<3> Adjust `` to the first IP in the *kubernetes* +services subnet. +<4> Adjust `` to match the value of `*masterURL*`. +<5> Adjust `` to match the value of `*masterPublicURL*`. +==== + +. Restart master services. For single master deployments: ++ +---- +# systemctl restart origin-master +---- ++ +For native HA multiple master deployments: ++ +---- +# systemctl restart origin-master-api +# systemctl restart origin-master-controllers +---- ++ +After the service restarts, the certificate update is complete. +// end::30to31updatingcerts[] +endif::[] + +[[manual-upgrading-service-catalog]] +== Upgrading the Service Catalog + +[NOTE] +==== +Manual upgrade steps for the service catalog and service brokers are not available. +==== + +include::install_config/upgrading/automated_upgrades.adoc[tag=automated-service-catalog-upgrade-steps] + +[[manual-upgrading-efk-logging-stack]] +== Upgrading the EFK Logging Stack + +[NOTE] +==== +Manual upgrade steps for logging deployments are no longer available starting in +{product-title} +ifdef::openshift-enterprise[] +3.5. +endif::[] +ifdef::openshift-origin[] +1.5. +endif::[] +==== + +include::install_config/upgrading/automated_upgrades.adoc[tag=automated-logging-upgrade-steps] + +[[manual-upgrading-cluster-metrics]] +== Upgrading Cluster Metrics + +[NOTE] +==== +Manual upgrade steps for metrics deployments are no longer available starting in +{product-title} +ifdef::openshift-enterprise[] +3.5. +endif::[] +ifdef::openshift-origin[] +1.5. +endif::[] +==== + +include::install_config/upgrading/automated_upgrades.adoc[tag=automated-metrics-upgrade-steps] + +[[additional-instructions-per-release]] +== Additional Manual Steps Per Release + +Some {product-title} releases may have additional instructions specific to that +release that must be performed to fully apply the updates across the cluster. +ifdef::openshift-enterprise[] +This section will be updated over time as new asynchronous updates are released +for {product-title} 3.7. + +See the xref:../../release_notes/ocp_3_7_release_notes.adoc#release-notes-ocp-3-7-release-notes[{product-title} 3.7 Release Notes] to review the latest release notes. + +ifdef::openshift-origin[] +Read through the following sections carefully depending on your upgrade path, as +you may be required to perform certain steps at key points during the standard +upgrade process described earlier in this topic. + +[[openshift-origin-1-0-4]] +=== OpenShift Origin 1.0.4 + +The following steps are required for the +https://github.com/openshift/origin/releases/tag/v1.0.4[OpenShift Origin 1.0.4 +release]. + +*Creating a Service Account for the Router* + +The default HAProxy router was updated to utilize host ports and requires that a +service account be created and made a member of the privileged +xref:../../admin_guide/manage_scc.adoc#admin-guide-manage-scc[security context constraint] (SCC). +Additionally, "down-then-up" rolling upgrades have been added and is now the +preferred strategy for upgrading routers. + +After upgrading your master and nodes but before updating to the newer router, +you must create a service account for the router. As a cluster administrator, +ensure you are operating on the *default* project: + +==== +---- +# oc project default +---- +==== + +Delete any existing *router* service account and create a new one: + +==== +---- +# oc delete serviceaccount/router +serviceaccounts/router + +# echo '{"kind":"ServiceAccount","apiVersion":"v1","metadata":{"name":"router"}}' | oc create -f - +serviceaccounts/router +---- +==== + +Edit the *privileged* SCC: + +==== +---- +# oc edit scc privileged +---- +==== + +Apply the following changes: + +==== +---- +allowHostDirVolumePlugin: true +allowHostNetwork: true <1> +allowHostPorts: true <2> +allowPrivilegedContainer: true +... +users: +- system:serviceaccount:openshift-infra:build-controller +- system:serviceaccount:default:router <3> +---- +<1> Add or update `allowHostNetwork: true`. +<2> Add or update `allowHostPorts: true`. +<3> Add the service account you created to the `*users*` list at the end of the +file. +==== + +Edit your router's deployment configuration: + +---- +# oc edit dc/router +---- + +Apply the following changes: + +---- +... +spec: + replicas: 2 + selector: + router: router + strategy: + resources: {} + rollingParams: + intervalSeconds: 1 + timeoutSeconds: 120 + updatePeriodSeconds: 1 + updatePercent: -10 <1> + type: Rolling + ... + template: + ... + spec: + ... + dnsPolicy: ClusterFirst + restartPolicy: Always + serviceAccount: router <2> + serviceAccountName: router <3> +... +---- +<1> Add `updatePercent: -10` to allow down-then-up rolling upgrades. +<2> Add `serviceAccount: router` to the template `*spec*`. +<3> Add `serviceAccountName: router` to the template `*spec*`. + +Now upgrade your router per the xref:upgrading-the-router[standard router +upgrade steps]. + +[[openshift-origin-1-0-5]] +=== OpenShift Origin 1.0.5 + +The following steps are required for the +https://github.com/openshift/origin/releases[OpenShift Origin 1.0.5 +release]. + +*Switching the Router to Use the Host Network Stack* + +The default HAProxy router was updated to use the host networking stack by +default instead of the former behavior of +xref:../../install_config/router/default_haproxy_router.adoc#using-the-container-network-stack[using +the container network stack], which proxied traffic to the router, which in turn +proxied the traffic to the target service and container. This new default +behavior benefits performance because network traffic from remote clients no +longer needs to take multiple hops through user space in order to reach the +target service and container. + +Additionally, the new default behavior enables the router to get the actual +source IP address of the remote connection. This is useful for defining +ingress rules based on the originating IP, supporting sticky sessions, and +monitoring traffic, among other uses. + +Existing router deployments will continue to use the container network stack +unless modified to switch to using the host network stack. + +To switch the router to use the host network stack, edit your router's +deployment configuration: + +==== +---- +# oc edit dc/router +---- +==== + +Apply the following changes: + +==== +---- +... +spec: + replicas: 2 + selector: + router: router + ... + template: + ... + spec: + ... + ports: + - containerPort: 80 <1> + hostPort: 80 + protocol: TCP + - containerPort: 443 <1> + hostPort: 443 + protocol: TCP + - containerPort: 1936 <1> + hostPort: 1936 + name: stats + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + dnsPolicy: ClusterFirst + hostNetwork: true <2> + restartPolicy: Always +... +---- +==== +<1> For host networking, ensure that the `*containerPort*` value matches the +`*hostPort*` values for each of the ports. +<2> Add `*hostNetwork: true*` to the template `*spec*`. + +Now upgrade your router per the xref:upgrading-the-router[standard router +upgrade steps]. + +*Configuring serviceNetworkCIDR for the SDN* + +Add the `*serviceNetworkCIDR*` parameter to the `*networkConfig*` section in +*_/etc/origin/master/master-config.yaml_*. This value should match the +`*servicesSubnet*` value in the `*kubernetesMasterConfig*` section: + +==== +---- +kubernetesMasterConfig: + servicesSubnet: 172.30.0.0/16 +... +networkConfig: + serviceNetworkCIDR: 172.30.0.0/16 +---- +==== + +*Adding the Scheduler Configuration API Version* + +The scheduler configuration file incorrectly lacked `*kind*` and `*apiVersion*` +fields when deployed using the quick or advanced installation methods. This will +affect future upgrades, so it is important to add those values if they do not +exist. + +Modify the *_/etc/origin/master/scheduler.json_* file to add the `*kind*` and +`*apiVersion*` fields: + +==== +---- +{ + "kind": "Policy", <1> + "apiVersion": "v1", <2> + "predicates": [ + ... +} +---- +==== +<1> Add `*"kind": "Policy",*` +<2> Add `*"apiVersion": "v1",*` + +[[openshift-origin-1-1-0]] +=== OpenShift Origin 1.1.0 + +There are no additional manual steps for this release that are not already +mentioned inline during the xref:preparing-for-a-manual-upgrade[standard manual upgrade +process]. + +[[openshift-origin-1-5-0]] +=== OpenShift Origin 1.5.0 + +With deprecation of the `extensions/v1beta1.Job` resource, you must migrate all +`Job` resources to use the `batch/v1.Job` instead. To verify which objects will +be migrated, run: + +---- +$ oadm migrate storage --include=jobs +---- + +You can also increase the log level using the `--loglevel` flag. When you are +ready to perform the actual migration, add the `--confirm` option: + +---- +$ oadm migrate storage --include=jobs --confirm +---- +endif::[] + +[[manual-upgrades-verifying-the-upgrade]] +== Verifying the Upgrade + +To verify the upgrade: + +. Check that all nodes are marked as *Ready*: ++ +---- +# oc get nodes +NAME STATUS AGE +master.example.com Ready,SchedulingDisabled 165d +node1.example.com Ready 165d +node2.example.com Ready 165d +---- + +. Verify that you are running the expected versions of the *docker-registry* +and *router* images, if deployed. +ifdef::openshift-enterprise[] +Replace `` with `{latest-tag}` for the latest version. +endif::[] ++ +---- +ifdef::openshift-enterprise[] +# oc get -n default dc/docker-registry -o json | grep \"image\" + "image": "openshift3/ose-docker-registry:", +# oc get -n default dc/router -o json | grep \"image\" + "image": "openshift3/ose-haproxy-router:", +endif::[] +ifdef::openshift-origin[] +# oc get -n default dc/docker-registry -o json | grep \"image\" + "image": "openshift/origin-docker-registry:v1.0.6", +# oc get -n default dc/router -o json | grep \"image\" + "image": "openshift/origin-haproxy-router:v1.0.6", +endif::[] +---- + +ifdef::openshift-origin[] +. If you upgraded from Origin 1.0 to Origin 1.1, verify in your old +*_/etc/sysconfig/openshift-master_* and *_/etc/sysconfig/openshift-node_* files +that any custom configuration is added to your new +*_/etc/sysconfig/origin-master_* and *_/etc/sysconfig/origin-node_* files. +endif::[] + +. Use the diagnostics tool on the master to look for common issues: ++ +---- +# oadm diagnostics +... +[Note] Summary of diagnostics execution: +[Note] Completed with no errors or warnings seen. +---- diff --git a/install_config/upgrading/migrating_embedded_etcd.adoc b/install_config/upgrading/migrating_embedded_etcd.adoc new file mode 100644 index 000000000000..9b2659b1c826 --- /dev/null +++ b/install_config/upgrading/migrating_embedded_etcd.adoc @@ -0,0 +1,115 @@ +[[install-config-upgrading-etcd-data-migration]] += Migrating Embedded etcd to External etcd +{product-author} +{product-version} +:data-uri: +:icons: +:experimental: +:toc: macro +:toc-title: +:prewrap!: + +toc::[] + +== Overview + +Until {product-title} 3.6, it was possible to deploy a cluster with an embedded +etcd. As of {product-title} 3.7, this is no longer possible. Additionally, the +etcd API version since {product-title} 3.6 defaults to v3. Also, since +{product-title} 3.7, the v3 is the only version allowed. Therefore, older +deployments with embedded etcd with the etcd API version v2 need to migrate to +the external etcd first, +xref:../../install_config/upgrading/migrating_etcd.adoc#install-config-upgrading-etcd-data-migration[followed +by data migration], before they can be upgraded to {product-title} 3.7. + +This migration process performs the following steps: + +. Stop the master service. +. Perform an etcd backup of embedded etcd. +. Deploy external etcd (on the master or new host). +. Perform a backup of the original etcd master certificates. +. Generate new etcd certificates for the master. +. Transfer the embedded etcd backup to the external etcd host. +. Start the external etcd from the transfered etcd backup. +. Re-configure master to use the external etcd. +. Start master. + +[[etcd-embedded-migration-automated]] +== Running the Automated Migration Playbook + +Migration to external RPM etcd or external containerized etcd is currently +supported. + +A migration playbook is provided to automate all aspects of the process; this is +the preferred method for performing the migration. You must have access to your +existing inventory file with both the master and external etcd host defined in +their separate groups. + +In order to perform the migration on Red Hat Enterprise Linux Atomic Host, you +must be running Atomic Host 7.4 or later. + +. To get the latest playbooks, manually disable the {product-title} 3.6 channel +and enable the 3.7 channel on the host you are running the migration from: ++ +---- +# subscription-manager repos --disable="rhel-7-server-ose-3.6-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" \ + --enable="rhel-7-server-extras-rpms" \ + --enable="rhel-7-fast-datapath-rpms" +# yum clean all +---- + +. Add `etcd` under the `[OSEv3:children]` section if it does not already exist: ++ +---- +[OSEv3:children] +masters +nodes +etcd +---- + +. Your inventory file is expected to have exactly one host in an `[etcd]` host group. In +most scenarios, it is best to use your existing master, as there is no need for +a separate host. ++ +Add an `[etcd]` host group to your inventory file if it does not already exist, +and list the host to migrate your etcd to: ++ +---- +[etcd] +master1.example.com +---- + +. Run the *_embedded2external.yml_* playbook using your inventory file: ++ +---- +# ansible-playbook [-i /path/to/inventory] \ +ifdef::openshift-enterprise[] + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-etcd/embedded2external.yml +endif::[] +ifdef::openshift-origin[] + ~/openshift-ansible/playbooks/byo/openshift-etcd/embedded2external.yml +endif::[] +---- ++ +Successful completion of the playbook will show the following: ++ +---- +INSTALLER STATUS ************************************** +Initialization : Complete +etcd Install : Complete +---- + +. To verify that the migration from embedded to external etcd was successful, run +the following on the etcd host and check for an `etcd` process: ++ +---- +# ps -aux | grep etcd +etcd 22384 2.1 3.9 5872848 306072 ? Ssl 10:36 0:02 /usr/bin/etcd --name=master1.example.com --data-dir=/var/lib/etcd/ --listen-client-urls=https://192.168.122.197:2379 +---- + +[[etcd-embedded-migration-manual]] +== Running the Manual Migration + +Currently, manual migration is not recommended, as it requires a deployment of +the new etcd cluster and re-deployment of etcd master certificates. diff --git a/install_config/upgrading/migrating_etcd.adoc b/install_config/upgrading/migrating_etcd.adoc new file mode 100644 index 000000000000..3b6e0159e792 --- /dev/null +++ b/install_config/upgrading/migrating_etcd.adoc @@ -0,0 +1,320 @@ +[[install-config-upgrading-etcd-data-migration]] += Migrating etcd Data (v2 to v3) +{product-author} +{product-version} +:data-uri: +:icons: +:experimental: +:toc: macro +:toc-title: +:prewrap!: + +toc::[] + +== Overview + +While etcd was updated from etcd v2 to v3 in a +link:https://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html#ocp-34-notable-technical-changes[previous +release], {product-title} continued using an etcd v2 data model and API for both +new and upgraded clusters. Starting with {product-title} 3.6, new installations +began using the v3 data model as well, providing +xref:../../scaling_performance/host_practices.adoc#scaling-performance-capacity-host-practices-etcd[improved +performance and scalability]. + +For existing clusters that upgraded to {product-title} 3.6, however, the etcd +data must be migrated from v2 to v3 as a post-upgrade step. This must be +performed using openshift-ansible version 3.6.173.0.21 or later. + +Until {product-title} 3.6, it was possible to deploy a cluster with an embedded +etcd. As of {product-title} 3.7, this is no longer possible. See +xref:../../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating +Embedded etcd to External etcd]. + +The etcd v2 to v3 data migration is performed as an offline migration which +means all etcd members and master services are stopped during the migration. +Large clusters with up to 600MiB of etcd data can expect a 10 to 15 minute +outage of the API, web console, and controllers. + +This migration process performs the following steps: + +. Stop the master API and controller services. +. Perform an etcd backup on all etcd members. +. Perform a migration on the first etcd host +. Remove etcd data from any remaining etcd hosts. +. Perform an etcd scaleup operation adding additional etcd hosts one by one. +. Re-introduce TTL information on specific keys. +. Reconfigure the masters for etcd v3 storage. +. Start the master API and controller services. + +[[etcd-data-migration-before-you-begin]] +== Before You Begin + +You can only begin the etcd data migration process after upgrading to +{product-title} 3.6, as previous versions are not compatible with etcd v3 +storage. Additionally, the upgrade to {product-title} 3.6 reconfigures cluster +DNS services to run on every node, rather than on the masters, which ensures +that, even when master services are taken down, existing pods continue to +function as expected. + +Older deployments with embedded etcd with the etcd API version v2 need to +migrate to the external etcd before migrating data. See +xref:../../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating +Embedded etcd to External etcd]. + +[[etcd-data-migration-automated]] +== Running the Automated Migration Playbook + +A migration playbook is provided to automate all aspects of the process; this is the preferred method for performing the migration. You must have access +to your existing inventory file with both masters and etcd hosts defined in their separate groups. + +. To get the latest playbooks, manually disable the {product-title} 3.6 channel +and enable the 3.7 channel on the host you are running the migration from: ++ +---- +# subscription-manager repos --disable="rhel-7-server-ose-3.6-rpms" \ + --enable="rhel-7-server-ose-3.7-rpms" \ + --enable="rhel-7-server-extras-rpms" \ + --enable="rhel-7-fast-datapath-rpms" +# yum clean all +---- + +. Run the *_migrate.yml_* playbook using your inventory file: ++ +---- +# ansible-playbook [-i /path/to/inventory] \ +ifdef::openshift-enterprise[] + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-etcd/migrate.yml +endif::[] +ifdef::openshift-origin[] + ~/openshift-ansible/playbooks/byo/openshift-etcd/migrate.yml +endif::[] +---- + +[[etcd-data-migration-manual]] +== Running the Migration Manually + +The following procedure describes the steps required to successfully migrate the +cluster (implemented as part of the Ansible etcd migration playbook). + +. +++Create an etcd backup.+++ See +xref:../../admin_guide/backup_restore.adoc#cluster-backup[Backup and Restore] +for steps. + +. +++Stop masters and wait for etcd convergence:+++ + +.. Stop all master services: ++ +---- +# systemctl stop atomic-openshift-master \ + atomic-openshift-master-api \ + atomic-openshift-master-controllers +---- + +.. Before the migration can proceed, the etcd cluster must be healthy +and raft indices of all etcd members must differ by one unit at most. +At the same time, all etcd members and master daemons must be stopped. ++ +To check the etcd cluster is healthy you can run: ++ +---- +# etcdctl cluster-health <1> +member 2a3d833935d9d076 is healthy: got healthy result from https://etcd-test-1:2379 +member a83a3258059fee18 is healthy: got healthy result from https://etcd-test-2:2379 +member 22a9f2ddf18fee5f is healthy: got healthy result from https://etcd-test-3:2379 +cluster is healthy +---- +<1> For ``, see +xref:../../admin_guide/backup_restore.adoc#adding-addtl-etcd-members[Backup and Restore] for an example of how to set certificate flags. ++ +To check a difference of raft indices you can run: ++ +---- +# ETCDCTL_API=3 etcdctl -w table endpoint status ++------------------+------------------+---------+---------+-----------+-----------+------------+ +| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX | ++------------------+------------------+---------+---------+-----------+-----------+------------+ +| etcd-test-1:2379 | 2a3d833935d9d076 | 3.1.9 | 25 kB | false | 415 | 995 | +| etcd-test-2:2379 | a83a3258059fee18 | 3.1.9 | 25 kB | true | 415 | 995 | +| etcd-test-3:2379 | 22a9f2ddf18fee5f | 3.1.9 | 25 kB | false | 415 | 995 | ++------------------+------------------+---------+---------+-----------+-----------+------------+ +---- ++ +If the minimum and maximum of raft indexes over all etcd members differ by more +than one unit, wait a minute and try the command again. + +. +++Migrate and scale up etcd:+++ ++ +[WARNING] +==== +The migration should not be run repeatedly, as new v2 data can overwrite v3 data +that has already migrated. +==== + +.. Stop etcd on all etcd hosts: ++ +---- +# systemctl stop etcd +---- + +.. Run the following command (with the *etcd* daemon stopped) on your first etcd +host to perform the migration: ++ +---- +# ETCDCTL_API=3 etcdctl migrate --data-dir=/var/lib/etcd +---- ++ +The `--data-dir` target can in a different location depending on the deployment. +For example, embedded etcd operates over the +*_/var/lib/origin/openshift.local.etcd_* directory, and etcd run as a system +container operates over the *_/var/lib/etcd/etcd.etcd_* directory. ++ +When complete, the migration responds with the following message if successful: ++ +---- +finished transforming keys +---- ++ +If there is no v2 data, it responds with: ++ +---- +no v2 keys to migrate +---- + +.. On each remaining etcd host, move the existing member directory to a backup +location: ++ +---- +$ mv /var/lib/etcd/member /var/lib/etc/member.old +---- + +.. Create a new cluster on the first host: ++ +---- +# echo "ETCD_FORCE_NEW_CLUSTER=true" >> /etc/etcd/etcd.conf +# systemctl start etcd +# sed -i '/ETCD_FORCE_NEW_CLUSTER=true/d' /etc/etcd/etcd.conf +# systemctl restart etcd +---- + +.. Scale up additional etcd hosts by following the +xref:../../admin_guide/backup_restore.adoc#adding-addtl-etcd-members[Adding Additional etcd +Members] documentation. + +.. When the `etcdctl migrate` command is run without the `--no-ttl` option, TTL +keys are migrated as well. Given that the TTL keys in v2 data are replaced with +leases in v3 data, you must attach leases to all migrated TTL keys (with the +*etcd* daemon running). ++ +After your etcd cluster is back online with all members, re-introduce the TTL +information by running the following on the first master: ++ +---- +$ oadm migrate etcd-ttl --etcd-address=https://:2379 \ + --cacert=/etc/origin/master/master.etcd-ca.crt \ + --cert=/etc/origin/master/master.etcd-client.crt \ + --key=/etc/origin/master/master.etcd-client.key \ + --ttl-keys-prefix '/kubernetes.io/events' \ + --lease-duration 1h +$ oadm migrate etcd-ttl --etcd-address=https://:2379 \ + --cacert=/etc/origin/master/master.etcd-ca.crt \ + --cert=/etc/origin/master/master.etcd-client.crt \ + --key=/etc/origin/master/master.etcd-client.key \ + --ttl-keys-prefix '/kubernetes.io/masterleases' \ + --lease-duration 10s +$ oadm migrate etcd-ttl --etcd-address=https://:2379 \ + --cacert=/etc/origin/master/master.etcd-ca.crt \ + --cert=/etc/origin/master/master.etcd-client.crt \ + --key=/etc/origin/master/master.etcd-client.key \ + --ttl-keys-prefix '/openshift.io/oauth/accesstokens' \ + --lease-duration 86400s +$ oadm migrate etcd-ttl --etcd-address=https://:2379 \ + --cacert=/etc/origin/master/master.etcd-ca.crt \ + --cert=/etc/origin/master/master.etcd-client.crt \ + --key=/etc/origin/master/master.etcd-client.key \ + --ttl-keys-prefix '/openshift.io/oauth/authorizetokens' \ + --lease-duration 500s +$ oadm migrate etcd-ttl --etcd-address=https://:2379 \ + --cacert=/etc/origin/master/master.etcd-ca.crt \ + --cert=/etc/origin/master/master.etcd-client.crt \ + --key=/etc/origin/master/master.etcd-client.key \ + --ttl-keys-prefix '/openshift.io/leases/controllers' \ + --lease-duration 10s +---- + +. +++Reconfigure the master:+++ + +.. After the migration is complete, the +xref:../install_config/master_node_configuration.adoc#master-configuration-files[master +configuration file] (the *_/etc/origin/master/master-config.yaml_* file by +default) must be updated so the master daemons can use the new storage back end: ++ +[source,yaml] +---- +kubernetesMasterConfig: + apiServerArguments: + storage-backend: + - etcd3 + storage-media-type: + - application/vnd.kubernetes.protobuf +---- + +.. Restart your services; for single master clusters, run: ++ +---- +# systemctl start atomic-openshift-master +---- ++ +For multiple master clusters, run the following on all masters: ++ +---- +# systemctl start atomic-openshift-master-api \ + atomic-openshift-master-controllers +---- + +[[etcd-data-migration-recovering]] +== Recovering from Migration Issues + +If you discover problems after the migration has completed, you may wish to restore +from a backup: + +. Stop the master services: ++ +---- +# systemctl stop atomic-openshift-master \ + atomic-openshift-master-api \ + atomic-openshift-master-controllers +---- + +. Remove the `storage-backend` and `storage-media-type` keys from from +`kubernetesMasterConfig.apiServerArguments` section in the master configuration +file on each master: ++ +[source,yaml] +---- +kubernetesMasterConfig: + apiServerArguments: + ... +---- + +. Restore from backups that were taken prior to the migration, located in +a timestamped directory under *_/var/lib/etcd_*, such as: ++ +---- +/var/lib/etcd/openshift-backup-pre-migration20170825135732 +---- ++ +Use procedure described in xref:../../admin_guide/backup_restore.adoc#cluster-restore-multiple-member-etcd-clusters[Cluster Restore for Multiple-member etcd Clusters] +or xref:../../admin_guide/backup_restore.adoc#cluster-restore-single-member-etcd-clusters[Cluster Restore for Single-member etcd Clusters]. + +. Restart master services; for single master clusters, run: ++ +---- +# systemctl start atomic-openshift-master +---- ++ +For multiple master clusters, run the following on all masters: ++ +---- +# systemctl start atomic-openshift-master-api \ + atomic-openshift-master-controllers +---- From a24881276de2a3671996a7385688e90fa712c787 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Wed, 22 Nov 2017 18:10:34 -0500 Subject: [PATCH 2/8] Rm quick install docs/links --- _topic_map.yml | 2 - admin_guide/backup_restore.adoc | 3 - admin_guide/manage_nodes.adoc | 6 - admin_guide/managing_networking.adoc | 12 +- admin_solutions/master_node_config.adoc | 25 +- .../adding_hosts_to_existing_cluster.adoc | 92 +---- .../configuring_authentication.adoc | 9 +- install_config/configuring_sdn.adoc | 146 ++++++- install_config/imagestreams_templates.adoc | 6 +- install_config/install/advanced_install.adoc | 5 - .../install/disconnected_install.adoc | 3 +- install_config/install/host_preparation.adoc | 37 +- install_config/install/index.adoc | 15 +- install_config/install/planning.adoc | 20 +- install_config/install/quick_install.adoc | 355 ------------------ .../install/rpm_vs_containerized.adoc | 62 +-- .../install/stand_alone_registry.adoc | 40 -- .../router/default_haproxy_router.adoc | 18 +- install_config/router/index.adoc | 2 +- .../upgrading/automated_upgrades.adoc | 14 +- .../upgrading/blue_green_deployments.adoc | 5 +- install_config/upgrading/index.adoc | 32 +- install_config/upgrading/manual_upgrades.adoc | 12 +- using_images/xpaas_images/eap.adoc | 12 +- using_images/xpaas_images/sso.adoc | 6 +- welcome/index.adoc | 4 +- 26 files changed, 287 insertions(+), 656 deletions(-) delete mode 100644 install_config/install/quick_install.adoc diff --git a/_topic_map.yml b/_topic_map.yml index 40bb623de759..93d65ab0962f 100644 --- a/_topic_map.yml +++ b/_topic_map.yml @@ -274,8 +274,6 @@ Topics: File: host_preparation - Name: Installing on Containerized Hosts File: rpm_vs_containerized - - Name: Quick Installation - File: quick_install - Name: Advanced Installation File: advanced_install - Name: Disconnected Installation diff --git a/admin_guide/backup_restore.adoc b/admin_guide/backup_restore.adoc index 428f33c90c77..bf9b4459f2f9 100644 --- a/admin_guide/backup_restore.adoc +++ b/admin_guide/backup_restore.adoc @@ -42,9 +42,6 @@ nodes they get rescheduled to. reinstallation, save all the files used in the initial installation. This may include: + -- *_~/.config/openshift/installer.cfg.yml_* (from the -xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] -method) - Ansible playbooks and inventory files (from the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method) diff --git a/admin_guide/manage_nodes.adoc b/admin_guide/manage_nodes.adoc index 59dcbb6494a8..58af0b4ce6a4 100644 --- a/admin_guide/manage_nodes.adoc +++ b/admin_guide/manage_nodes.adoc @@ -114,12 +114,6 @@ certificates, and other important steps. See the xref:../install_config/install/advanced_install.adoc#adding-nodes-advanced[advanced installation] method for instructions on running the playbook directly. -ifdef::openshift-enterprise[] -Alternatively, if you used the quick installation method, you can -xref:../install_config/install/quick_install.adoc#adding-nodes-or-reinstalling-quick[re-run -the installer to add nodes], which performs the same steps. -endif::[] - [[deleting-nodes]] == Deleting Nodes diff --git a/admin_guide/managing_networking.adoc b/admin_guide/managing_networking.adoc index 9d12b3fc6e8c..1121587b0b5f 100644 --- a/admin_guide/managing_networking.adoc +++ b/admin_guide/managing_networking.adoc @@ -283,6 +283,16 @@ different, and the egress network policy may not be enforced as expected. In the above example, suppose `www.foo.com` resolved to `10.11.12.13` and has a DNS TTL of one minute, but was later changed to `20.21.22.23`. {product-title} will then take up to one minute to adapt to these changes. ++ +[NOTE] +==== +The egress firewall always allows pods access to the external interface of the +node the pod is on for DNS resolution. If your DNS resolution is not handled by +something on the local node, then you will need to add egress firewall rules +allowing access to the DNS server's IP addresses if you are using domain names +in your pods. The default installer sets up a local dnsmasq, so if you are using +that setup you will not need to add extra rules. +==== . Use the JSON file to create an EgressNetworkPolicy object: + @@ -1232,4 +1242,4 @@ services to include this site in their HSTS preload lists. For example, sites such as Google can construct a list of sites that have `preload` set. Browsers can then use these lists to determine which sites to only talk to over HTTPS, even before they have interacted with the site. Without `preload` set, they need -to have talked to the site over HTTPS to get the header. \ No newline at end of file +to have talked to the site over HTTPS to get the header. diff --git a/admin_solutions/master_node_config.adoc b/admin_solutions/master_node_config.adoc index 5fd33887f110..27fc0b875ef9 100644 --- a/admin_solutions/master_node_config.adoc +++ b/admin_solutions/master_node_config.adoc @@ -29,9 +29,8 @@ files define a wide range of options that can be configured on the {product-titl xref:../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master] and xref:../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes]. These options include overriding the default plug-ins, connecting to etcd, automatically creating service accounts, building image names, customizing project requests, configuring volume plug-ins, and much more. -== How Many Masters Do I Need? -For testing environments deployed via the -xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick install], one master should be sufficient. The quick installation method should not be used for production environments. +[[master-node-config-prereq]] +== Prerequisites Production environments should be installed using the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced install]. In production environments, it is a good idea to use @@ -49,17 +48,16 @@ The only way to successfully run only two masters is if you install etcd on host == Configuring Masters and Nodes -The method you use to configure your master and node configuration files must match the method that was used to install your {product-title} cluster. If you followed the: - -- xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced installation] +The method you use to configure your master and node configuration files must match the method that was used to install your {product-title} cluster. If you followed the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced installation] method using Ansible, then make your configuration changes xref:../admin_solutions/master_node_config.adoc#master-node-config-ansible[in the Ansible playbook]. -- xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick installation] ifdef::openshift-origin[] -or https://docs.openshift.org/latest/getting_started/administrators.html[Manual installation] -endif::openshift-origin[] -method, then make your changes -xref:../admin_solutions/master_node_config.adoc#master-node-config-manual[manually in the configuration files] themselves. +If you followed the +xref:../getting_started/administrators.adoc#getting-started-administrators[Manual +installation] method, then make your changes +xref:../admin_solutions/master_node_config.adoc#master-node-config-manual[manually +in the configuration files] themselves. +endif::[] [[master-node-config-ansible]] === Making Configuration Changes Using Ansible @@ -138,9 +136,8 @@ https://github.com/openshift/openshift-ansible/blob/master/inventory/byo/hosts.o [[master-node-config-manual]] === Making Manual Configuration Changes -After installing {product-title} using the -xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick install], -you can make modifications to the master and node configuration files to customize your cluster. +You can make manual modifications to the master and node configuration files to +customize your cluster. *Use Case: Configure the cluster to use HTPasswd authentication* diff --git a/install_config/adding_hosts_to_existing_cluster.adoc b/install_config/adding_hosts_to_existing_cluster.adoc index 8063403fed49..7957dadf97b8 100644 --- a/install_config/adding_hosts_to_existing_cluster.adoc +++ b/install_config/adding_hosts_to_existing_cluster.adoc @@ -13,79 +13,8 @@ toc::[] == Overview -Depending on how your {product-title} cluster was installed, you can add new -hosts (either nodes or masters) to your installation by using the install tool -for quick installations, or by using the *_scaleup.yml_* playbook for advanced -installations. - -[[adding-nodes-or-reinstalling-quick]] -== Adding Hosts Using the Quick Installer Tool - -If you used the quick install tool to install your {product-title} cluster, you -can use the quick install tool to add a new node host to your existing cluster, -or to reinstall the cluster entirely. - -[NOTE] -==== -Currently, you can not use the quick installer tool to add new master hosts. You -must use the -xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced -installation] method to do so. -==== - -If you used the installer in either -xref:../install_config/install/quick_install.adoc#running-an-interactive-installation[interactive] or -xref:../install_config/install/quick_install.adoc#running-an-unattended-installation[unattended] mode, you can re-run the -installation as long as you have an -xref:../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[installation configuration -file] at *_~/.config/openshift/installer.cfg.yml_* (or specify a different -location with the `-c` option). - -//// -If you installed using the -xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced -installation] method and therefore do not have an installation configuration -file, you can either try -xref:../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[creating your own] based on -your cluster's current configuration, or see the advanced installation method on -how to -xref:adding-nodes-advanced[run the playbook for adding new nodes directly]. -//// - -[IMPORTANT] -==== -The recommended maximum number of nodes is 300. -==== - -To add nodes to your installation: - -. Ensure you have the latest installer and playbooks by updating the -*openshift-ansible* packages: -+ ----- -# yum update openshift-ansible ----- - -. Run the installer with the `scaleup` subcommand in interactive or -unattended mode: -+ ----- -$ atomic-openshift-installer [-u] [-c ] install ----- - -. The installer detects your current environment and allows you to either -add an additional node or re-perform a clean install: -+ -==== ----- -Gathering information from hosts... -Installed environment detected. -By default the installer only adds new nodes to an installed environment. -Do you want to (1) only add additional nodes or (2) perform a clean install?: ----- -==== -+ -Choose (1) and follow the on-screen instructions to complete your desired task. +You can add new hosts (either nodes or masters) to your installation using the +*_scaleup.yml_* playbook for advanced installations. [[adding-nodes-advanced]] == Adding Hosts Using the Advanced Install @@ -95,26 +24,13 @@ cluster by running the *_scaleup.yml_* playbook. This playbook queries the master, generates and distributes new certificates for the new hosts, then runs the configuration playbooks on the new hosts only. Before running the *_scaleup.yml_* playbook, complete all prerequisite -xref:../install_config/install/host_preparation.adoc#install-config-install-host-preparation[host -preparation] steps. - - -ifdef::openshift-enterprise[] -This process is similar to re-running the installer in the -xref:adding-nodes-or-reinstalling-quick[quick installation method to add nodes], -however you have more configuration options available when using the advanced -method and when running the playbooks directly. -endif::[] +xref:../install_config/install/host_preparation.adoc#install-config-install-host-preparation[host preparation] steps. You must have an existing inventory file (for example, *_/etc/ansible/hosts_*) that is representative of your current cluster configuration in order to run the *_scaleup.yml_* playbook. ifdef::openshift-enterprise[] -If you previously used the `atomic-openshift-installer` command to run your -installation, you can check *_~/.config/openshift/.ansible/hosts_* for the last -inventory file that the installer generated, and use or modify that as needed as -your inventory file. You must then specify the file location with `-i` when -calling `ansible-playbook` later. + endif::[] [IMPORTANT] diff --git a/install_config/configuring_authentication.adoc b/install_config/configuring_authentication.adoc index fdd1c8520837..ffb45ce1d2e4 100644 --- a/install_config/configuring_authentication.adoc +++ b/install_config/configuring_authentication.adoc @@ -26,13 +26,8 @@ xref:identity-providers[identity provider]. This can be done during an xref:../install_config/install/advanced_install.adoc#configuring-cluster-variables[advanced installation] or configured after installation. -If you installed {product-title} using -the -ifdef::openshift-enterprise[] -xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] or -endif::[] -xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] -method, the +If you installed {product-title} using the +xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method, the ifdef::openshift-enterprise[] xref:DenyAllPasswordIdentityProvider[Deny All] identity provider is used by default, which denies access for all user names and diff --git a/install_config/configuring_sdn.adoc b/install_config/configuring_sdn.adoc index 40cc1de581a8..fe74fbfc929b 100644 --- a/install_config/configuring_sdn.adoc +++ b/install_config/configuring_sdn.adoc @@ -72,8 +72,6 @@ xref:../install_config/install/advanced_install.adoc#configuring-cluster-variabl which is configurable in the Ansible inventory file. .Example SDN Configuration with Ansible -==== - ---- # Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') # os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' @@ -109,15 +107,6 @@ which is configurable in the Ansible inventory file. # or userspace for the userspace proxy. #openshift_node_proxy_mode=iptables ---- -==== - -ifdef::openshift-enterprise[] -For initial xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installations], -the *ovs-subnet* plug-in is installed and configured by default as well, and can -be -xref:../install_config/master_node_configuration.adoc#master-configuration-files[reconfigured post-installation] -using the `*networkConfig*` stanza of the *_master-config.yaml_* file. -endif::[] [[configuring-the-pod-network-on-masters]] == Configuring the Pod Network on Masters @@ -265,3 +254,138 @@ so that the master does not schedule containers on it. Both options are presented as part of a practical use-case in the documentation for configuring xref:../install_config/routing_from_edge_lb.adoc#install-config-routing-from-edge-lb[routing from an edge load-balancer to containers within OpenShift SDN]. + +[[using-flannel]] +== Using Flannel +As an alternate to the default SDN, {product-title} also provides Ansible +playbooks for installing *flannel*-based networking. This is useful if running +{product-title} within a cloud provider platform that also relies on SDN, such +as Red Hat OpenStack Platform, and you want to avoid encapsulating packets twice +through both platforms. + +Flannel uses a single IP network space for all of the containers allocating a +contiguous subset of the space to each instance. Consequently, nothing prevents +a container from attempting to contact any IP address in the same network +space. This hinders multi-tenancy because the network cannot be used to isolate +containers in one application from another. + +Depending on whether you prefer mutli-tenancy isolation or performance, you should determine the +appropriate choice when deciding between OpenShift SDN (multi-tenancy) and flannel (performance) +for internal networks. + +ifndef::openshift-origin[] +[IMPORTANT] +==== +Flannel is only supported for {product-title} on Red Hat OpenStack Platform. +==== +endif::[] + +[IMPORTANT] +==== +The current version of Neutron enforces port security on ports by default. This +prevents the port from sending or receiving packets with a MAC address +different from that on the port itself. Flannel creates virtual MACs and IP +addresses and must send and receive packets on the port, so port security must +be disabled on the ports that carry flannel traffic. +==== + +To enable flannel within your {product-title} cluster: + +. Neutron port security controls must be configured to be compatible with +Flannel. The default configuration of Red Hat OpenStack Platform disables user +control of `port_security`. Configure Neutron to allow users to control the +`port_security` setting on individual ports. ++ +.. On the Neutron servers, add the following to the +*_/etc/neutron/plugins/ml2/ml2_conf.ini_* file: ++ +---- +[ml2] +... +extension_drivers = port_security +---- ++ +.. Then, restart the Neutron services: ++ +---- +service neutron-dhcp-agent restart +service neutron-ovs-cleanup restart +service neutron-metadata-agentrestart +service neutron-l3-agent restart +service neutron-plugin-openvswitch-agent restart +service neutron-vpn-agent restart +service neutron-server restart +---- + +. When creating the {product-title} instances on Red Hat OpenStack Platform, disable both port security and security +groups in the ports where the container network flannel interface will be: ++ +---- +neutron port-update $port --no-security-groups --port-security-enabled=False +---- ++ +[NOTE] +==== +Flannel gather information from etcd to configure and assign +the subnets in the nodes. Therefore, the security group attached to the etcd +hosts should allow access from nodes to port 2379/tcp, and nodes security +group should allow egress communication to that port on the etcd hosts. +==== + +.. Set the following variables in your Ansible inventory file before running the +installation: ++ +---- +openshift_use_openshift_sdn=false <1> +openshift_use_flannel=true <2> +flannel_interface=eth0 +---- +<1> Set `openshift_use_openshift_sdn` to `false` to disable the default SDN. +<2> Set `openshift_use_flannel` to `true` to enable *flannel* in place. + +.. Optionally, you can specify the interface to use for inter-host communication +using the `flannel_interface` variable. Without this variable, the +{product-title} installation uses the default interface. ++ +[NOTE] +==== +Custom networking CIDR for pods and services using flannel will be supported in a future release. +link:https://bugzilla.redhat.com/show_bug.cgi?id=1473858[*BZ#1473858*] +==== + +. After the {product-title} installation, add a set of iptables rules on every {product-title} node: ++ +---- +iptables -A DOCKER -p all -j ACCEPT +iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE +---- ++ +To persist those changes in the *_/etc/sysconfig/iptables_* use the following +command on every node: ++ +---- +cp /etc/sysconfig/iptables{,.orig} +sh -c "tac /etc/sysconfig/iptables.orig | sed -e '0,/:DOCKER -/ s/:DOCKER -/:DOCKER ACCEPT/' | awk '"\!"p && /POSTROUTING/{print \"-A POSTROUTING -o eth1 -j MASQUERADE\"; p=1} 1' | tac > /etc/sysconfig/iptables" +---- ++ +[NOTE] +==== +The `iptables-save` command saves all the current _in memory_ iptables rules. +However, because Docker, Kubernetes and {product-title} create a high number of iptables rules +(services, etc.) not designed to be persisted, saving these rules can become problematic. +==== + +To isolate container traffic from the rest of the {product-title} traffic, Red Hat +recommends creating an isolated tenant network and attaching all the nodes to it. +If you are using a different network interface (eth1), remember to configure the +interface to start at boot time through the +*_/etc/sysconfig/network-scripts/ifcfg-eth1_* file: + +---- +DEVICE=eth1 +TYPE=Ethernet +BOOTPROTO=dhcp +ONBOOT=yes +DEFTROUTE=no +PEERDNS=no +---- diff --git a/install_config/imagestreams_templates.adoc b/install_config/imagestreams_templates.adoc index 15c11267c52c..d445b9392d06 100644 --- a/install_config/imagestreams_templates.adoc +++ b/install_config/imagestreams_templates.adoc @@ -17,10 +17,8 @@ ifdef::openshift-enterprise[] Your OpenShift installation includes useful sets of Red Hat-provided xref:../architecture/core_concepts/builds_and_image_streams.adoc#image-streams[image streams] and xref:../dev_guide/templates.adoc#dev-guide-templates[templates] to -make it easy for developers to create new applications. By default, the -xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and -xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -methods automatically create these sets in the *openshift* project, which is a +make it easy for developers to create new applications. By default, advanced installation +method automatically creates these sets in the *openshift* project, which is a default global project to which all users have view access. endif::[] diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 5270480b5dd1..6fe51b47cf2f 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -43,11 +43,6 @@ xref:running-the-advanced-installation-system-container[containerized version of Technology Preview feature. ==== -ifdef::openshift-enterprise[] -Alternatively, you can use the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] -method if you prefer an interactive installation experience. -endif::[] - [NOTE] ==== To install {product-title} as a stand-alone registry, see diff --git a/install_config/install/disconnected_install.adoc b/install_config/install/disconnected_install.adoc index 59446e6907e9..4e17df2ba313 100644 --- a/install_config/install/disconnected_install.adoc +++ b/install_config/install/disconnected_install.adoc @@ -444,8 +444,7 @@ builder images: [[disconnected-running-the-openshift-installer]] === Running the {product-title} Installer -You can now choose to follow the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] or +You can now follow the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced] {product-title} installation instructions in the documentation. diff --git a/install_config/install/host_preparation.adoc b/install_config/install/host_preparation.adoc index b99640e7353b..21421a041dcf 100644 --- a/install_config/install/host_preparation.adoc +++ b/install_config/install/host_preparation.adoc @@ -118,14 +118,24 @@ For RHEL 7 systems: ---- ifdef::openshift-enterprise[] -. Install the following package, which provides {product-title} utilities and pulls in -other tools required by the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -methods, such as Ansible and related configuration files: +. If you plan to use the +xref:../../install_config/install/advanced_install.adoc#running-the-advanced-installation-rpm[RPM-based installer] to run an advanced installation, you can skip this step. However, if +you plan to use the +xref:../../install_config/install/advanced_install.adoc#running-the-advanced-installation-system-container[containerized installer] (currently a Technology Preview feature): + +.. Install the *atomic* package: + ---- -# yum install atomic-openshift-utils +# yum install atomic +---- + +.. Skip to xref:installing-docker[Installing Docker]. + +. Install the following package, which provides the Ansible playbooks and related +configuration files needed for installation: ++ +---- +# yum install openshift-ansible ---- endif::[] @@ -538,16 +548,10 @@ Logging Drivers]. == Ensuring Host Access -ifdef::openshift-origin[] -The xref:advanced_install.adoc#install-config-install-advanced-install[advanced installation] method requires -endif::[] -ifdef::openshift-enterprise[] -The xref:quick_install.adoc#install-config-install-quick-install[quick] and xref:advanced_install.adoc#install-config-install-advanced-install[advanced -installation] methods require -endif::[] -a user that has access to all hosts. If you want to run the installer as a -non-root user, passwordless *sudo* rights must be configured on each destination -host. +The xref:advanced_install.adoc#install-config-install-advanced-install[advanced +installation] method requires a user that has access to all hosts. If you want +to run the installer as a non-root user, passwordless *sudo* rights must be +configured on each destination host. For example, you can generate an SSH key on the host where you will invoke the installation process: @@ -579,7 +583,6 @@ xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-insta to prepare your hosts. When you are ready to proceed, you can install {product-title} using the -xref:quick_install.adoc#install-config-install-quick-install[quick installation] or xref:advanced_install.adoc#install-config-install-advanced-install[advanced installation] method. endif::[] diff --git a/install_config/install/index.adoc b/install_config/install/index.adoc index b440aee77e11..e1f1542325bc 100644 --- a/install_config/install/index.adoc +++ b/install_config/install/index.adoc @@ -7,13 +7,6 @@ :experimental: :prewrap!: -ifdef::openshift-enterprise[] -The xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] -method allows you to use an interactive CLI utility to install OpenShift across -a set of hosts. This installer is a self-contained wrapper intended for usage on -a Red Hat Enterprise Linux 7 host. -endif::[] - ifdef::openshift-origin[] You can quickly get OpenShift Origin running by choosing an installation method in xref:../../getting_started/administrators.adoc#getting-started-administrators[Getting Started for @@ -23,14 +16,10 @@ endif::[] ifdef::openshift-origin,openshift-enterprise,openshift-dedicated[] For production environments, a reference configuration implemented using Ansible playbooks is available as the -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -method. +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] method. -[NOTE] -==== -Before beginning either installation method, start with the +Before beginning with the installation, start with the xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[Prerequisites] topic. -==== endif::[] ifdef::atomic-registry[] diff --git a/install_config/install/planning.adoc b/install_config/install/planning.adoc index 94b09bbeb9e9..7a566898cc5b 100644 --- a/install_config/install/planning.adoc +++ b/install_config/install/planning.adoc @@ -17,10 +17,6 @@ toc::[] For production environments, several factors influence installation. Consider the following questions as you read through the documentation: -* _Which installation method do you want to use?_ The xref:installation-methods[Installation Methods] -section provides some information about the quick and advanced installation -methods. - * _How many hosts do you require in the cluster?_ The xref:environment-scenarios[Environment Scenarios] section provides multiple examples of Single Master and Multiple Master configurations. @@ -40,14 +36,14 @@ have a preference for a particular method of installing, managing, and updating your services. [[installation-methods]] -== Installation Methods - -Both the quick and advanced installations methods are supported for development and production environments. If you want to quickly get OpenShift Container Platform up and running to try out for the first time, use the quick installer and let the interactive CLI guide you through the configuration options relevant to your environment. - -For the most control over your cluster’s configuration, you can use the advanced installation method. This method is particularly suited if you are already familiar with Ansible. However, following along with the OpenShift Container Platform documentation should equip you with enough information to reliably deploy your cluster and continue to manage its configuration post-deployment using the provided Ansible playbooks directly. - -If you install initially using the quick installer, you can always further tweak your cluster’s configuration and adjust the number of hosts in the cluster using the same installer tool. If you wanted to later switch to using the advanced method, you can create an inventory file for your configuration and carry on that way. - +== Installation Method + +The advanced installation method is supported for development and production +environments. Providing the most control over your cluster’s configuration, this +method is particularly suited if you are already familiar with Ansible. However, +following along with the {product-title} documentation should equip you with +enough information to reliably deploy your cluster and continue to manage its +configuration post-deployment using the provided Ansible playbooks directly. [[sizing]] == Sizing Considerations diff --git a/install_config/install/quick_install.adoc b/install_config/install/quick_install.adoc deleted file mode 100644 index 9bd19f783b4b..000000000000 --- a/install_config/install/quick_install.adoc +++ /dev/null @@ -1,355 +0,0 @@ -[[install-config-install-quick-install]] -= Quick Installation -{product-author} -{product-version} -:data-uri: -:icons: -:experimental: -:toc: macro -:toc-title: -:prewrap!: - -ifdef::openshift-origin[] -You can quickly get OpenShift Origin running by choosing an installation method -in xref:../../getting_started/administrators.adoc#getting-started-administrators[Getting Started for -Administrators]. -endif::[] - -ifdef::openshift-enterprise[] -toc::[] - -== Overview -The _quick installation_ method allows you to use an interactive CLI utility, -the `atomic-openshift-installer` command, to install OpenShift across a set of -hosts. This installer can deploy OpenShift components on targeted hosts by -either installing RPMs or running containerized services. - -This installation method is provided to make the installation experience easier -by xref:running-an-interactive-installation[interactively gathering the data] -needed to run on each host. The installer is a self-contained wrapper intended -for usage on a Red Hat Enterprise Linux (RHEL) 7 system. - -In addition to running xref:running-an-interactive-installation[interactive -installations] from scratch, the `atomic-openshift-installer` command can also -be run or re-run using a predefined installation configuration file. This file -can be used with the installer to: - -- run an xref:running-an-unattended-installation[unattended installation], -- xref:adding-nodes-or-reinstalling-quick[add nodes] to an existing cluster, -- xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster], or -- xref:adding-nodes-or-reinstalling-quick[reinstall] the OpenShift cluster -completely. -endif::[] - -Alternatively, you can use the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -method for more complex environments. - -ifdef::openshift-enterprise[] - -[NOTE] -==== -To install {product-title} as a stand-alone registry, see -xref:../../install_config/install/stand_alone_registry.adoc#install-config-installing-stand-alone-registry[Installing a Stand-alone Registry]. -==== - -[[quick-before-you-begin]] - -== Before You Begin - -The installer allows you to install OpenShift -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master] -and -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[node] -components on a defined set of hosts. - -[NOTE] -==== -By default, any hosts you designate as masters during the installation process -are automatically also configured as nodes so that the masters are configured as -part of the -xref:../../architecture/networking/network_plugins.adoc#openshift-sdn[{product-title} -SDN]. The node component on the masters, however, are marked unschedulable, -which blocks pods from being scheduled on it. After the installation, you can -xref:../../admin_guide/manage_nodes.adoc#marking-nodes-as-unschedulable-or-schedulable[mark -them schedulable] if you want. -==== - -Before installing OpenShift, you must first -xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[satisfy the prerequisites] -on your hosts, which includes verifying system and environment requirements and -properly installing and configuring Docker. You must also be prepared to provide -or validate the following information for each of your targeted hosts during the -course of the installation: - -- User name on the target host that should run the Ansible-based installation -(can be root or non-root) -- Host name -- Whether to install components for master, node, or both -- Whether to use the RPM or containerized method -- Internal and external IP addresses - -If you are interested in installing OpenShift using the containerized method -(optional for RHEL but required for RHEL Atomic Host), see -xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-install-rpm-vs-containerized[RPM vs -Containerized] to ensure that you understand the differences between these -methods, then return to this topic to continue. - -After following the instructions in the -xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[Prerequisites] topic and -deciding between the RPM and containerized methods, you can continue to running -an xref:running-an-interactive-installation[interactive] or -xref:running-an-unattended-installation[unattended] installation. - -[[running-an-interactive-installation]] - -== Running an Interactive Installation - -[NOTE] -==== -Ensure you have read through xref:quick-before-you-begin[Before You Begin]. -==== - -You can start the interactive installation by running: - ----- -$ atomic-openshift-installer install ----- - -Then follow the on-screen instructions to install a new OpenShift Enterprise -cluster. - -After it has finished, ensure that you back up the -*_~/.config/openshift/installer.cfg.yml_* -xref:defining-an-installation-configuration-file[installation configuration -file] that is created, as it is required if you later want to re-run the -installation, add hosts to the cluster, or -xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster]. Then, -xref:quick-verifying-the-installation[verify the installation]. - -[[defining-an-installation-configuration-file]] - -== Defining an Installation Configuration File - -The installer can use a predefined installation configuration file, which -contains information about your installation, individual hosts, and cluster. -When running an xref:running-an-interactive-installation[interactive -installation], an installation configuration file based on your answers is -created for you in *_~/.config/openshift/installer.cfg.yml_*. The file is -created if you are instructed to exit the installation to manually modify the -configuration or when the installation completes. You can also create the -configuration file manually from scratch to perform an -xref:running-an-unattended-installation[unattended installation]. - -.Installation Configuration File Specification -[source,yaml] ----- -version: v1 <1> -variant: openshift-enterprise <2> -variant_version: 3.7 <3> -ansible_log_path: /tmp/ansible.log <4> -deployment: - ansible_ssh_user: root <5> - hosts: <6> - - ip: 10.0.0.1 <7> - hostname: master-private.example.com <7> - public_ip: 24.222.0.1 <8> - public_hostname: master.example.com <8> - roles: <9> - - master - - node - containerized: true <10> - connect_to: 24.222.0.1 <11> - - ip: 10.0.0.2 - hostname: node1-private.example.com - public_ip: 24.222.0.2 - public_hostname: node1.example.com - node_labels: {'region': 'infra'} <12> - roles: - - node - connect_to: 10.0.0.2 - - ip: 10.0.0.3 - hostname: node2-private.example.com - public_ip: 24.222.0.3 - public_hostname: node2.example.com - roles: - - node - connect_to: 10.0.0.3 - roles: <13> - master: - : "" <14> - : "" - node: - : "" <14> ----- -<1> The version of this installation configuration file. As of OpenShift -Enterprise (OSE) 3.1, the only valid version here is `v1`. -<2> The OpenShift variant to install. For OSE, set this to -`openshift-enterprise`. -<3> A valid version of your selected variant: `3.7`, `3.6`, `3.5`, `3.4`, `3.3`, -`3.2`, or `3.1`. If not specified, this defaults to the latest version for the -specified variant. -<4> Defines where the Ansible logs are stored. By default, this is the -*_/tmp/ansible.log_* file. -<5> Defines which user Ansible uses to SSH in to remote systems for gathering -facts and for the installation. By default, this is the root user, but you can -set it to any user that has *sudo* privileges. -<5> Defines where the Ansible logs are stored. By default, this is the -*_/tmp/ansible.log_* file. -<6> Defines a list of the hosts onto which you want to install the OpenShift -master and node components. -<7> Required. Allows the installer to connect to the system and gather facts -before proceeding with the install. -<8> Required for unattended installations. If these details are not specified, -then this information is pulled from the facts gathered by the installer, and -you are asked to confirm the details. If undefined for an unattended -installation, the installation fails. -<9> Determines the type of services that are installed. At least one of these -must be set to *true* for the configuration file to be considered valid. -<10> If set to *true*, containerized OpenShift services are run on target master -and node hosts instead of installed using RPM packages. If set to *false* or -unset, the default RPM method is used. RHEL Atomic Host requires the -containerized method, and is automatically selected for you based on the -detection of the *_/run/ostree-booted_* file. See -xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-install-rpm-vs-containerized[RPM vs -Containerized] for more details. -<11> The IP address that Ansible attempts to connect to when installing, -upgrading, or uninstalling the systems. If the configuration file was -auto-generated, then this is the value you first enter for the host during that -interactive install process. -<12> Node labels can optionally be set per-host. -<13> Defines a dictionary of roles across the deployment. -<14> Any ansible variables that should only be applied to hosts assigned a role can be defined. -For examples, see xref:../../install_config/install/advanced_install.adoc#configuring-ansible[Configuring Ansible]. - -[[running-an-unattended-installation]] - -== Running an Unattended Installation - -[NOTE] -==== -Ensure you have read through the xref:quick-before-you-begin[Before You Begin]. -==== - -Unattended installations allow you to define your hosts and cluster -configuration in an -xref:defining-an-installation-configuration-file[installation configuration -file] before running the installer so that you do not have to go through all of -the xref:running-an-interactive-installation[interactive installation] -questions and answers. It also allows you to resume an interactive installation -you may have left unfinished, and quickly get back to where you left off. - -To run an unattended installation, first define an -xref:defining-an-installation-configuration-file[installation configuration -file] at *_~/.config/openshift/installer.cfg.yml_*. Then, run the installer with -the `-u` flag: - ----- -$ atomic-openshift-installer -u install ----- - -By default in interactive or unattended mode, the installer uses the -configuration file located at *_~/.config/openshift/installer.cfg.yml_* if the -file exists. If it does not exist, attempting to start an unattended -installation fails. - -Alternatively, you can specify a different location for the configuration file -using the `-c` option, but doing so will require you to specify the file -location every time you run the installation: - ----- -$ atomic-openshift-installer -u -c install ----- - -After the unattended installation finishes, ensure that you back up the -*_~/.config/openshift/installer.cfg.yml_* file that was used, as it is required -if you later want to re-run the installation, add hosts to the cluster, or -xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster]. Then, -xref:quick-verifying-the-installation[verify the installation]. - -[[quick-verifying-the-installation]] -== Verifying the Installation - -include::install_config/install/advanced_install.adoc[tag=verifying-the-installation] - -Then, see xref:quick-install-whats-next[What's Next] for the next steps on -configuring your OpenShift cluster. - -[[adding-nodes-or-reinstalling-quick]] -== Adding Nodes or Reinstalling the Cluster - -You can use the installer to add nodes to your existing cluster, or to reinstall -the cluster entirely. - -If you installed OpenShift using the installer in either -xref:running-an-interactive-installation[interactive] or -xref:running-an-unattended-installation[unattended] mode, you can re-run the -installation as long as you have an -xref:defining-an-installation-configuration-file[installation configuration -file] at *_~/.config/openshift/installer.cfg.yml_* (or specify a different -location with the `-c` option). - -If you installed using the -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -method and therefore do not have an installation configuration file, you can -either try xref:defining-an-installation-configuration-file[creating your own] -based on your cluster's current configuration, or see the advanced installation -method on how to -xref:../../install_config/install/advanced_install.adoc#adding-nodes-advanced[run -the playbook for adding new nodes directly]. - -[IMPORTANT] -==== -The recommended maximum number of nodes is 300. -==== - -To add nodes or reinstall the cluster: - -. Re-run the installer with the `install` subcommand in interactive or -unattended mode: -+ ----- -$ atomic-openshift-installer [-u] [-c ] install ----- - -. The installer will detect your installed environment and allow you to either -add an additional node or perform a clean install: -+ -==== ----- -Gathering information from hosts... -Installed environment detected. -By default the installer only adds new nodes to an installed environment. -Do you want to (1) only add additional nodes or (2) perform a clean install?: ----- -==== -+ -Choose one of the options and follow the on-screen instructions to complete your -desired task. - -[[uninstalling-quick]] -== Uninstalling {product-title} - -You can uninstall {product-title} on all hosts in your cluster using the -installer by running: - ----- -$ atomic-openshift-installer uninstall ----- - -See the -xref:../../install_config/install/advanced_install.adoc#uninstalling-advanced[advanced -installation method] for more options. - -[[quick-install-whats-next]] - -== What's Next? - -Now that you have a working OpenShift Enterprise instance, you can: - -- xref:../../install_config/configuring_authentication.adoc#install-config-configuring-authentication[Configure -authentication]; by default, authentication is set to -xref:../../install_config/configuring_authentication.adoc#DenyAllPasswordIdentityProvider[Deny -All]. -- Configure the automatically-deployed xref:../../install_config/registry/index.adoc#install-config-registry-overview[integrated Docker registry]. -- Configure the automatically-deployed xref:../../install_config/router/index.adoc#install-config-router-overview[router]. -endif::[] diff --git a/install_config/install/rpm_vs_containerized.adoc b/install_config/install/rpm_vs_containerized.adoc index 5ad659bc9eda..c96e0ba74a58 100644 --- a/install_config/install/rpm_vs_containerized.adoc +++ b/install_config/install/rpm_vs_containerized.adoc @@ -17,18 +17,46 @@ This section explores some of the preparation required to install {product-title as a set of services within containers. This applies to hosts using either Red Hat Enterprise Linux or Red Hat Atomic Host. -- For the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation -method], you can choose between the RPM or containerized method on a per host -basis during the interactive installation, or set the values manually in an -xref:../../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[installation -configuration file]. - -- For the -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation -method], you can set the Ansible variable `*containerized=true*` in an +The default method for installing {product-title} on +ifdef::openshift-origin[] +Fedora, CentOS, or RHEL +endif::[] +ifdef::openshift-enterprise[] +Red Hat Enterprise Linux (RHEL) +endif::[] +uses RPMs. + +[IMPORTANT] +==== +When targeting a Red Hat Atomic Host system, the containerized method is the +only available option, and is automatically selected for you based on the +detection of the *_/run/ostree-booted_* file. +==== + +The following table outlines the differences between the RPM and Containerized +methods: + +[cols="h,2*",options="header"] +|=== +| |RPM |Containerized + +|Installation Method |Packages via `yum` |Container images via `docker` +|Service Management |`systemd` |`docker` and `systemd` units +|Operating System | Red Hat Enterprise Linux | Red Hat Enterprise Linux or Red Hat Atomic Host +|=== + +[[install-config-install-install-methods-containerized]] +== Install Methods for Containerized Hosts + +As with the RPM installation, advanced installation method for the containerized +install. You can set the Ansible variable `*containerized=true*` in an xref:../../install_config/install/advanced_install.adoc#configuring-ansible[inventory file] on a cluster-wide or per host basis. -ifdef::openshift-enterprise[] + +For the +xref:../../install_config/install/disconnected_install.adoc#install-config-install-disconnected-install[disconnected installation method], to install the etcd container, you can set the Ansible +variable `osm_etcd_image` to be the fully qualified name of the etcd image on +your local registry, for example, `registry.example.com/rhel7/etcd`. [NOTE] @@ -75,20 +103,6 @@ openshift_docker_insecure_registries= openshift_docker_blocked_registries= ---- -ifdef::openshift-enterprise[] -For the quick installation method, you can export the following environment -variables on each target host: - ----- -# export OO_INSTALL_ADDITIONAL_REGISTRIES= -# export OO_INSTALL_INSECURE_REGISTRIES= ----- - - -Blocked Docker registries cannot currently be specified using the quick -installation method. -endif::[] - The configuration of additional, insecure, and blocked Docker registries occurs at the beginning of the installation process to ensure that these settings are applied before attempting to pull any of the required images. diff --git a/install_config/install/stand_alone_registry.adoc b/install_config/install/stand_alone_registry.adoc index 80bdae8ffcce..6b0ea19b48a7 100644 --- a/install_config/install/stand_alone_registry.adoc +++ b/install_config/install/stand_alone_registry.adoc @@ -97,47 +97,7 @@ xref:../../install_config/install/host_preparation.adoc#install-config-install-h [[registry-installation-methods]] == Installation Methods -ifdef::openshift-enterprise[] -To install a stand-alone registry, use either of the standard installation -methods (quick or advanced) used to install any variant of {product-title}. -endif::[] - -ifdef::openshift-origin[] To install a stand-alone registry, use the advanced installation method. -endif::[] - -ifdef::openshift-enterprise[] -[[registry-quick-installation]] -=== Quick Installation for Stand-alone Registries - -When using the quick installation method to install a stand-alone registry, -start the interactive installation by running: - ----- -$ atomic-openshift-installer install ----- - -Then follow the on-screen instructions to install a new registry. The installation questions will be largely the same as if you were installing a full {product-title} PaaS, but when you reach the following screen: - -==== ----- -Which variant would you like to install? - - -(1) OpenShift Container Platform 3.3 -(2) Registry 3.3 ----- -==== - -Be sure to choose `2` to follow the registry installation path. - -[NOTE] -==== -For further usage details on the quick installer in general, see the full topic -at -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation]. -==== -endif::[] [[registry-advanced-installation]] === Advanced Installation for Stand-alone Registries diff --git a/install_config/router/default_haproxy_router.adoc b/install_config/router/default_haproxy_router.adoc index d02890ec8f49..780da81cabd0 100644 --- a/install_config/router/default_haproxy_router.adoc +++ b/install_config/router/default_haproxy_router.adoc @@ -14,12 +14,10 @@ toc::[] == Overview The `oc adm router` command is provided with the administrator CLI to simplify -the tasks of setting up routers in a new installation. If you followed the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick -installation], then a default router was automatically created for you. The `oc -adm router` command creates the service and deployment configuration objects. -Use the `--service-account` option to specify the service account the router -will use to contact the master. +the tasks of setting up routers in a new installation. The `oc adm router` +command creates the service and deployment configuration objects. Use the +`--service-account` option to specify the service account the router will use to +contact the master. The xref:../../install_config/router/index.adoc#creating-the-router-service-account[router @@ -88,10 +86,7 @@ load of the router. [[deploy-router-create-router]] == Creating a Router -The -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick -installation] process automatically creates a default router. If the router does -not exist, run the following to create a router: +If the router does not already exist, run the following to create one: ifdef::openshift-enterprise[] ---- @@ -116,7 +111,8 @@ environment variables] after router creation. In this case create a router for e Checking the Default Router:: ifdef::openshift-enterprise[] -The default router service account, named *router*, is automatically created during quick and advanced installations. To verify that this account already exists: +The default router service account, named *router*, is automatically created +during advanced installations. To verify that this account already exists: endif::[] ifdef::openshift-origin[] First, ensure you have xref:creating-the-router-service-account[created the diff --git a/install_config/router/index.adoc b/install_config/router/index.adoc index 98afd1692ae3..eeb34d0dc5a5 100644 --- a/install_config/router/index.adoc +++ b/install_config/router/index.adoc @@ -57,7 +57,7 @@ ifdef::openshift-enterprise[] Before deploying an {product-title} cluster, you must have a service account for the router. Starting in {product-title} 3.1, a router xref:../../admin_guide/service_accounts.adoc#admin-guide-service-accounts[service account] -is automatically created during a quick or advanced installation (previously, this required manual creation). This service account has permissions to a +is automatically created during an advanced installation (previously, this required manual creation). This service account has permissions to a xref:../../architecture/additional_concepts/authorization.adoc#security-context-constraints[security context constraint] (SCC) that allows it to specify host ports. // See NB[1] below. diff --git a/install_config/upgrading/automated_upgrades.adoc b/install_config/upgrading/automated_upgrades.adoc index 2184e757e607..f6608b56e195 100644 --- a/install_config/upgrading/automated_upgrades.adoc +++ b/install_config/upgrading/automated_upgrades.adoc @@ -19,11 +19,17 @@ If you installed using the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] and the inventory file that was used is available, you can use the upgrade playbook to automate the OpenShift cluster upgrade process. + ifdef::openshift-enterprise[] -If you installed using the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] method -and a *_~/.config/openshift/installer.cfg.yml_* file is available, you can use -the installer to perform the automated upgrade. +[NOTE] +==== +If you previously used the `atomic-openshift-installer` command to run your +installation, you can check *_~/.config/openshift/hosts_* (previously located at +*_~/.config/openshift/.ansible/hosts_*) for the last inventory file that the +installer generated, and use or modify that as needed as your inventory file. +You must then specify the file location with `-i` when calling +`ansible-playbook` later. +==== endif::[] The automated upgrade performs the following steps for you: diff --git a/install_config/upgrading/blue_green_deployments.adoc b/install_config/upgrading/blue_green_deployments.adoc index 2a68f6115ba7..b4a605643e5b 100644 --- a/install_config/upgrading/blue_green_deployments.adoc +++ b/install_config/upgrading/blue_green_deployments.adoc @@ -141,9 +141,8 @@ using the selector `type=node`, and all matches are labeled with `color=blue`. Create the new green environment for any node hosts that are to be replaced by adding an equal number of new node hosts to the existing cluster. You can use -either the quick installer or advanced install method as described in -xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-advanced[Adding -Hosts to an Existing Cluster]. +the advanced install method as described in +xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-advanced[Adding Hosts to an Existing Cluster]. When adding these new nodes, use the following Ansible variables: diff --git a/install_config/upgrading/index.adoc b/install_config/upgrading/index.adoc index 00e4e3528e22..fe9313b25a04 100644 --- a/install_config/upgrading/index.adoc +++ b/install_config/upgrading/index.adoc @@ -32,20 +32,24 @@ backward compatible, so upgrading your cluster should go smoothly. However, you should not run mismatched versions longer than necessary to upgrade the entire cluster. -ifdef::openshift-enterprise[] -If you installed using the -xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] or -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -and the *_~/.config/openshift/installer.cfg.yml_* or inventory file that was -used is available, -endif::[] -ifdef::openshift-origin[] -Starting with Origin 1.0.6, if you installed using the -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] and the -inventory file that was used is available, -endif::[] -you can perform an -xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated upgrade]. +[[install-config-upgrading-type]] +== In-place or Blue-Green Upgrades + +There are two methods for performing {product-title} cluster upgrades. You can +either do in-place upgrades (automated or manual), or upgrade using a +blue-green deployment method. + +[discrete] +[[install-config-upgrading-type-inplace]] +==== In-place Upgrades + +With in-place upgrades, the cluster upgrade is performed on all hosts in a +single, running cluster: first masters and then nodes. Pods are evacuated off of +nodes and recreated on other running nodes before a node upgrade begins; this +helps reduce downtime of user applications. + +You can perform an +xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated in-place upgrade] using the inventory file used during installation. Alternatively, you can xref:../../install_config/upgrading/manual_upgrades.adoc#install-config-upgrading-manual-upgrades[upgrade OpenShift manually]. diff --git a/install_config/upgrading/manual_upgrades.adoc b/install_config/upgrading/manual_upgrades.adoc index 9c773702617d..b6199e3dbcc0 100644 --- a/install_config/upgrading/manual_upgrades.adoc +++ b/install_config/upgrading/manual_upgrades.adoc @@ -882,12 +882,10 @@ provides the example JSON files: ---- endif::[] ifdef::openshift-enterprise[] -By default, the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] -methods automatically create default image streams, InstantApp templates, and -database service templates in the *openshift* project, which is a default -project to which all users have view access. These objects were created during -installation from the JSON files located under the +By default, the advanced installation method automatically creates default image +streams, InstantApp templates, and database service templates in the *openshift* +project, which is a default project to which all users have view access. These +objects were created during installation from the JSON files located under the *_/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/_* directory. @@ -1549,7 +1547,7 @@ networkConfig: *Adding the Scheduler Configuration API Version* The scheduler configuration file incorrectly lacked `*kind*` and `*apiVersion*` -fields when deployed using the quick or advanced installation methods. This will +fields when deployed using the advanced installation method. This will affect future upgrades, so it is important to add those values if they do not exist. diff --git a/using_images/xpaas_images/eap.adoc b/using_images/xpaas_images/eap.adoc index 9635bd466cff..7c03a2c57464 100644 --- a/using_images/xpaas_images/eap.adoc +++ b/using_images/xpaas_images/eap.adoc @@ -52,11 +52,9 @@ The following is a list of prerequisites for using the xPaaS JBoss EAP images: . *Acquire Red Hat Subscriptions* - Ensure that you have the relevant subscriptions for OpenShift as well as a subscription for xPaaS Middleware. -. *Install OpenShift* - Before using the xPaaS JBoss EAP images, you must have an OpenShift environment installed and configured: - -.. The xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] method allows you to install OpenShift using an interactive CLI utility. - -.. The xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method allows you to install OpenShift using a reference configuration. This method is best suited for production environments. +. *Install OpenShift* - Before using the xPaaS JBoss EAP images, you must have an OpenShift environment installed and configured. The +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method allows you to install OpenShift using a reference +configuration. . *Install and Deploy Docker Registry* - Install the Docker Registry and then ensure that the Docker Registry is deployed to locally manage images as follows: + @@ -70,7 +68,7 @@ For further information, see xref:../../install_config/registry/index.adoc#insta . *Privileges* - Ensure that you can run the `oc create` command with xref:../../architecture/additional_concepts/authorization.adoc#roles[cluster-admin] privileges. -. *Create Image Streams* - Image streams are configured during the Quick or Advanced OpenShift Installation. If required, manually create the image streams for both versions of the xPaaS JBoss EAP image as follows: +. *Create Image Streams* - Image streams are configured during Advanced OpenShift Installation. If required, manually create the image streams for both versions of the xPaaS JBoss EAP image as follows: + ---- $ oc create -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json -n openshift @@ -81,7 +79,7 @@ $ oc create -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/fil For further information about creating image streams, see xref:../../install_config/imagestreams_templates.adoc#install-config-imagestreams-templates[Loading the Default Image Streams and Templates] ==== -. *Create Instant App Templates* - Instant App templates define a full set of objects for running applications and are configured during the Quick or Advanced OpenShift Installation. If required, create Instant App templates as follows: +. *Create Instant App Templates* - Instant App templates define a full set of objects for running applications and are configured during the Advanced OpenShift Installation. If required, create Instant App templates as follows: .. Create the core Instant App templates: + diff --git a/using_images/xpaas_images/sso.adoc b/using_images/xpaas_images/sso.adoc index dcdabb0932fb..a85e869220b2 100644 --- a/using_images/xpaas_images/sso.adoc +++ b/using_images/xpaas_images/sso.adoc @@ -44,9 +44,9 @@ See the xPaaS part of the https://access.redhat.com/articles/2176281[OpenShift a The following is a list of prerequisites for using the SSO xPaaS image: . *Acquire Red Hat Subscriptions*: Ensure that you have the relevant OpenShift subscriptions as well as a subscription for xPaaS Middleware. -. *Install OpenShift*: Before using the OpenShift xPaaS images, you must have an OpenShift environment installed and configured: -.. The xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] method allows you to install OpenShift using an interactive CLI utility. -.. The xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method allows you to install OpenShift using a reference configuration. This method is best suited for production environments. +. *Install OpenShift*: Before using the OpenShift xPaaS images, you must have an OpenShift environment installed and configured. The +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method allows you to install OpenShift using a reference +configuration. . Ensure the *DNS* has been configured. This is required for communication between JBoss EAP and SSO, and for the requisite redirection. See xref:../../install_config/install/prerequisites.adoc#prereq-dns[DNS] for more information. . *Install and Deploy Docker Registry*: Install the Docker Registry and then ensure that the Docker Registry is deployed to locally manage images: + diff --git a/welcome/index.adoc b/welcome/index.adoc index c67c7e8a7e7c..537364272381 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -53,7 +53,7 @@ ifdef::openshift-origin[] * xref:../getting_started/administrators.adoc#getting-started-administrators[As a cluster administrator] endif::[] ifdef::openshift-enterprise[] -* xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[As a cluster administrator] +* xref:../install_config/install/planning.adoc#install-config-install-planning[As a cluster administrator] endif::[] |=== @@ -84,7 +84,7 @@ ifdef::openshift-enterprise,openshift-origin[] .^|[big]#Run Your Own Platform-as-a-Service (PaaS)# a|[none] -* xref:../install_config/index.adoc#install-config-index[Choose a quick or advanced installation of {product-title} at your site] +* xref:../install_config/index.adoc#install-config-index[Perform an advanced installation of {product-title} at your site] * xref:../admin_guide/index.adoc#admin-guide-index[Maintain and administer your {product-title} cluster] |=== From 521678b9eb131f18fa70c4451ecce8bc09c7d160 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Tue, 28 Nov 2017 07:37:14 -0500 Subject: [PATCH 3/8] Revert "Rm quick install docs/links" This reverts commit eee758719d9f970b27ff66a6312d3b74b07713f9. --- _topic_map.yml | 2 + admin_guide/backup_restore.adoc | 3 + admin_guide/manage_nodes.adoc | 6 + admin_guide/managing_networking.adoc | 4 +- admin_solutions/master_node_config.adoc | 22 +- .../adding_hosts_to_existing_cluster.adoc | 106 ++++- .../configuring_authentication.adoc | 9 +- install_config/configuring_sdn.adoc | 13 + install_config/imagestreams_templates.adoc | 6 +- install_config/install/advanced_install.adoc | 5 + .../install/disconnected_install.adoc | 3 +- install_config/install/host_preparation.adoc | 24 +- install_config/install/index.adoc | 15 +- install_config/install/planning.adoc | 32 +- install_config/install/quick_install.adoc | 376 ++++++++++++++++++ .../install/rpm_vs_containerized.adoc | 30 +- .../install/stand_alone_registry.adoc | 40 ++ .../router/default_haproxy_router.adoc | 18 +- install_config/router/index.adoc | 2 +- .../upgrading/automated_upgrades.adoc | 14 +- .../upgrading/blue_green_deployments.adoc | 5 +- install_config/upgrading/index.adoc | 10 +- install_config/upgrading/manual_upgrades.adoc | 12 +- welcome/index.adoc | 4 +- 24 files changed, 691 insertions(+), 70 deletions(-) create mode 100644 install_config/install/quick_install.adoc diff --git a/_topic_map.yml b/_topic_map.yml index 93d65ab0962f..40bb623de759 100644 --- a/_topic_map.yml +++ b/_topic_map.yml @@ -274,6 +274,8 @@ Topics: File: host_preparation - Name: Installing on Containerized Hosts File: rpm_vs_containerized + - Name: Quick Installation + File: quick_install - Name: Advanced Installation File: advanced_install - Name: Disconnected Installation diff --git a/admin_guide/backup_restore.adoc b/admin_guide/backup_restore.adoc index bf9b4459f2f9..428f33c90c77 100644 --- a/admin_guide/backup_restore.adoc +++ b/admin_guide/backup_restore.adoc @@ -42,6 +42,9 @@ nodes they get rescheduled to. reinstallation, save all the files used in the initial installation. This may include: + +- *_~/.config/openshift/installer.cfg.yml_* (from the +xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] +method) - Ansible playbooks and inventory files (from the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method) diff --git a/admin_guide/manage_nodes.adoc b/admin_guide/manage_nodes.adoc index 58af0b4ce6a4..4fd4c6f0c373 100644 --- a/admin_guide/manage_nodes.adoc +++ b/admin_guide/manage_nodes.adoc @@ -114,6 +114,12 @@ certificates, and other important steps. See the xref:../install_config/install/advanced_install.adoc#adding-nodes-advanced[advanced installation] method for instructions on running the playbook directly. +ifdef::openshift-enterprise[] +Alternatively, if you used the quick installation method, you can +xref:../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-or-reinstalling-quick[re-run +the installer to add nodes], which performs the same steps. +endif::[] + [[deleting-nodes]] == Deleting Nodes diff --git a/admin_guide/managing_networking.adoc b/admin_guide/managing_networking.adoc index 1121587b0b5f..e4afbbe3e285 100644 --- a/admin_guide/managing_networking.adoc +++ b/admin_guide/managing_networking.adoc @@ -290,8 +290,8 @@ The egress firewall always allows pods access to the external interface of the node the pod is on for DNS resolution. If your DNS resolution is not handled by something on the local node, then you will need to add egress firewall rules allowing access to the DNS server's IP addresses if you are using domain names -in your pods. The default installer sets up a local dnsmasq, so if you are using -that setup you will not need to add extra rules. +in your pods. The xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[default installer] +sets up a local dnsmasq, so if you are using that setup you will not need to add extra rules. ==== . Use the JSON file to create an EgressNetworkPolicy object: diff --git a/admin_solutions/master_node_config.adoc b/admin_solutions/master_node_config.adoc index 27fc0b875ef9..9c9bc5c90c7d 100644 --- a/admin_solutions/master_node_config.adoc +++ b/admin_solutions/master_node_config.adoc @@ -31,6 +31,8 @@ xref:../architecture/infrastructure_components/kubernetes_infrastructure.adoc#no [[master-node-config-prereq]] == Prerequisites +For testing environments deployed via the +xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick install], one master should be sufficient. The quick installation method should not be used for production environments. Production environments should be installed using the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced install]. In production environments, it is a good idea to use @@ -48,16 +50,17 @@ The only way to successfully run only two masters is if you install etcd on host == Configuring Masters and Nodes -The method you use to configure your master and node configuration files must match the method that was used to install your {product-title} cluster. If you followed the xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced installation] +The method you use to configure your master and node configuration files must match the method that was used to install your {product-title} cluster. If you followed the: + +- xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced installation] method using Ansible, then make your configuration changes xref:../admin_solutions/master_node_config.adoc#master-node-config-ansible[in the Ansible playbook]. +- xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick installation] ifdef::openshift-origin[] -If you followed the -xref:../getting_started/administrators.adoc#getting-started-administrators[Manual -installation] method, then make your changes -xref:../admin_solutions/master_node_config.adoc#master-node-config-manual[manually -in the configuration files] themselves. -endif::[] +or link:https://docs.openshift.org/latest/getting_started/administrators.html[Manual installation] +endif::openshift-origin[] +method, then make your changes +xref:../admin_solutions/master_node_config.adoc#master-node-config-manual[manually in the configuration files] themselves. [[master-node-config-ansible]] === Making Configuration Changes Using Ansible @@ -136,8 +139,9 @@ https://github.com/openshift/openshift-ansible/blob/master/inventory/byo/hosts.o [[master-node-config-manual]] === Making Manual Configuration Changes -You can make manual modifications to the master and node configuration files to -customize your cluster. +After installing {product-title} using the +xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick install], +you can make modifications to the master and node configuration files to customize your cluster. *Use Case: Configure the cluster to use HTPasswd authentication* diff --git a/install_config/adding_hosts_to_existing_cluster.adoc b/install_config/adding_hosts_to_existing_cluster.adoc index 7957dadf97b8..7e8a76c6db73 100644 --- a/install_config/adding_hosts_to_existing_cluster.adoc +++ b/install_config/adding_hosts_to_existing_cluster.adoc @@ -13,8 +13,92 @@ toc::[] == Overview -You can add new hosts (either nodes or masters) to your installation using the -*_scaleup.yml_* playbook for advanced installations. +Depending on how your {product-title} cluster was installed, you can add new +hosts (either nodes or masters) to your installation by using the install tool +for quick installations, or by using the *_scaleup.yml_* playbook for advanced +installations. + +[[adding-nodes-or-reinstalling-quick]] +== Adding Hosts Using the Quick Installer Tool + +If you used the quick install tool to install your {product-title} cluster, you +can use the quick install tool to add a new node host to your existing cluster. + +[NOTE] +==== +Currently, you can not use the quick installer tool to add new master hosts. You +must use the +xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced +installation] method to do so. +==== + +If you used the installer in either +xref:../install_config/install/quick_install.adoc#running-an-interactive-installation[interactive] or +xref:../install_config/install/quick_install.adoc#running-an-unattended-installation[unattended] mode, you can re-run the +installation as long as you have an +xref:../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[installation configuration +file] at *_~/.config/openshift/installer.cfg.yml_* (or specify a different +location with the `-c` option). + +//// +If you installed using the +xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced +installation] method and therefore do not have an installation configuration +file, you can either try +xref:../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[creating your own] based on +your cluster's current configuration, or see the advanced installation method on +how to +xref:adding-nodes-advanced[run the playbook for adding new nodes directly]. +//// + +[IMPORTANT] +==== +The recommended maximum number of nodes is 300. +==== + +To add nodes to your installation: + +. Ensure you have the latest installer and playbooks by updating the +*openshift-ansible* packages: ++ +---- +# yum update openshift-ansible +---- + +. Run the installer with the `scaleup` subcommand in interactive or +unattended mode: ++ +---- +# atomic-openshift-installer [-u] [-c ] scaleup +---- + +. The installer detects your current environment and allows you to add additional nodes: ++ +---- +*** Installation Summary *** + +Hosts: +- 100.100.1.1 + - OpenShift master + - OpenShift node + - Etcd (Embedded) + - Storage + +Total OpenShift masters: 1 +Total OpenShift nodes: 1 + + +--- + +We have detected this previously installed OpenShift environment. + +This tool will guide you through the process of adding additional +nodes to your cluster. + +Are you ready to continue? [y/N]: +---- ++ +Choose (y) and follow the on-screen instructions to complete your desired task. [[adding-nodes-advanced]] == Adding Hosts Using the Advanced Install @@ -24,13 +108,27 @@ cluster by running the *_scaleup.yml_* playbook. This playbook queries the master, generates and distributes new certificates for the new hosts, then runs the configuration playbooks on the new hosts only. Before running the *_scaleup.yml_* playbook, complete all prerequisite -xref:../install_config/install/host_preparation.adoc#install-config-install-host-preparation[host preparation] steps. +xref:../install_config/install/host_preparation.adoc#install-config-install-host-preparation[host +preparation] steps. + + +ifdef::openshift-enterprise[] +This process is similar to re-running the installer in the +xref:adding-nodes-or-reinstalling-quick[quick installation method to add nodes], +however you have more configuration options available when using the advanced +method and when running the playbooks directly. +endif::[] You must have an existing inventory file (for example, *_/etc/ansible/hosts_*) that is representative of your current cluster configuration in order to run the *_scaleup.yml_* playbook. ifdef::openshift-enterprise[] - +If you previously used the `atomic-openshift-installer` command to run your +installation, you can check *_~/.config/openshift/hosts_* (previously located at +*_~/.config/openshift/.ansible/hosts_*) for the last inventory file that the +installer generated, and use or modify that as needed as your inventory file. +You must then specify the file location with `-i` when calling +`ansible-playbook` later. endif::[] [IMPORTANT] diff --git a/install_config/configuring_authentication.adoc b/install_config/configuring_authentication.adoc index ffb45ce1d2e4..fdd1c8520837 100644 --- a/install_config/configuring_authentication.adoc +++ b/install_config/configuring_authentication.adoc @@ -26,8 +26,13 @@ xref:identity-providers[identity provider]. This can be done during an xref:../install_config/install/advanced_install.adoc#configuring-cluster-variables[advanced installation] or configured after installation. -If you installed {product-title} using the -xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] method, the +If you installed {product-title} using +the +ifdef::openshift-enterprise[] +xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation] or +endif::[] +xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[Advanced Installation] +method, the ifdef::openshift-enterprise[] xref:DenyAllPasswordIdentityProvider[Deny All] identity provider is used by default, which denies access for all user names and diff --git a/install_config/configuring_sdn.adoc b/install_config/configuring_sdn.adoc index fe74fbfc929b..b3e7f97d468b 100644 --- a/install_config/configuring_sdn.adoc +++ b/install_config/configuring_sdn.adoc @@ -72,6 +72,8 @@ xref:../install_config/install/advanced_install.adoc#configuring-cluster-variabl which is configurable in the Ansible inventory file. .Example SDN Configuration with Ansible +==== + ---- # Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') # os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' @@ -107,6 +109,15 @@ which is configurable in the Ansible inventory file. # or userspace for the userspace proxy. #openshift_node_proxy_mode=iptables ---- +==== + +ifdef::openshift-enterprise[] +For initial xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installations], +the *ovs-subnet* plug-in is installed and configured by default as well, and can +be +xref:../install_config/master_node_configuration.adoc#master-configuration-files[reconfigured post-installation] +using the `*networkConfig*` stanza of the *_master-config.yaml_* file. +endif::[] [[configuring-the-pod-network-on-masters]] == Configuring the Pod Network on Masters @@ -389,3 +400,5 @@ ONBOOT=yes DEFTROUTE=no PEERDNS=no ---- + + diff --git a/install_config/imagestreams_templates.adoc b/install_config/imagestreams_templates.adoc index d445b9392d06..15c11267c52c 100644 --- a/install_config/imagestreams_templates.adoc +++ b/install_config/imagestreams_templates.adoc @@ -17,8 +17,10 @@ ifdef::openshift-enterprise[] Your OpenShift installation includes useful sets of Red Hat-provided xref:../architecture/core_concepts/builds_and_image_streams.adoc#image-streams[image streams] and xref:../dev_guide/templates.adoc#dev-guide-templates[templates] to -make it easy for developers to create new applications. By default, advanced installation -method automatically creates these sets in the *openshift* project, which is a +make it easy for developers to create new applications. By default, the +xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and +xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +methods automatically create these sets in the *openshift* project, which is a default global project to which all users have view access. endif::[] diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 6fe51b47cf2f..5270480b5dd1 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -43,6 +43,11 @@ xref:running-the-advanced-installation-system-container[containerized version of Technology Preview feature. ==== +ifdef::openshift-enterprise[] +Alternatively, you can use the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] +method if you prefer an interactive installation experience. +endif::[] + [NOTE] ==== To install {product-title} as a stand-alone registry, see diff --git a/install_config/install/disconnected_install.adoc b/install_config/install/disconnected_install.adoc index 4e17df2ba313..59446e6907e9 100644 --- a/install_config/install/disconnected_install.adoc +++ b/install_config/install/disconnected_install.adoc @@ -444,7 +444,8 @@ builder images: [[disconnected-running-the-openshift-installer]] === Running the {product-title} Installer -You can now follow the +You can now choose to follow the +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] or xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced] {product-title} installation instructions in the documentation. diff --git a/install_config/install/host_preparation.adoc b/install_config/install/host_preparation.adoc index 21421a041dcf..58767602fb11 100644 --- a/install_config/install/host_preparation.adoc +++ b/install_config/install/host_preparation.adoc @@ -131,11 +131,14 @@ xref:../../install_config/install/advanced_install.adoc#running-the-advanced-ins .. Skip to xref:installing-docker[Installing Docker]. -. Install the following package, which provides the Ansible playbooks and related -configuration files needed for installation: +. Install the following package, which provides RPM-based {product-title} +installer utilities and pulls in other tools required by the +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] +and +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] methods, such as Ansible and related configuration files: + ---- -# yum install openshift-ansible +# yum install atomic-openshift-utils ---- endif::[] @@ -548,10 +551,16 @@ Logging Drivers]. == Ensuring Host Access -The xref:advanced_install.adoc#install-config-install-advanced-install[advanced -installation] method requires a user that has access to all hosts. If you want -to run the installer as a non-root user, passwordless *sudo* rights must be -configured on each destination host. +ifdef::openshift-origin[] +The xref:advanced_install.adoc#install-config-install-advanced-install[advanced installation] method requires +endif::[] +ifdef::openshift-enterprise[] +The xref:quick_install.adoc#install-config-install-quick-install[quick] and xref:advanced_install.adoc#install-config-install-advanced-install[advanced +installation] methods require +endif::[] +a user that has access to all hosts. If you want to run the installer as a +non-root user, passwordless *sudo* rights must be configured on each destination +host. For example, you can generate an SSH key on the host where you will invoke the installation process: @@ -583,6 +592,7 @@ xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-insta to prepare your hosts. When you are ready to proceed, you can install {product-title} using the +xref:quick_install.adoc#install-config-install-quick-install[quick installation] or xref:advanced_install.adoc#install-config-install-advanced-install[advanced installation] method. endif::[] diff --git a/install_config/install/index.adoc b/install_config/install/index.adoc index e1f1542325bc..d5380d13159d 100644 --- a/install_config/install/index.adoc +++ b/install_config/install/index.adoc @@ -7,6 +7,13 @@ :experimental: :prewrap!: +ifdef::openshift-enterprise[] +The xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] +method allows you to use an interactive CLI utility to install {product-title} +across a set of hosts. This installer is a self-contained wrapper intended for +usage on a Red Hat Enterprise Linux 7 host. +endif::[] + ifdef::openshift-origin[] You can quickly get OpenShift Origin running by choosing an installation method in xref:../../getting_started/administrators.adoc#getting-started-administrators[Getting Started for @@ -16,10 +23,14 @@ endif::[] ifdef::openshift-origin,openshift-enterprise,openshift-dedicated[] For production environments, a reference configuration implemented using Ansible playbooks is available as the -xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] method. +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +method. -Before beginning with the installation, start with the +[NOTE] +==== +Before beginning either installation method, start with the xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[Prerequisites] topic. +==== endif::[] ifdef::atomic-registry[] diff --git a/install_config/install/planning.adoc b/install_config/install/planning.adoc index 7a566898cc5b..9004e92b4300 100644 --- a/install_config/install/planning.adoc +++ b/install_config/install/planning.adoc @@ -17,6 +17,10 @@ toc::[] For production environments, several factors influence installation. Consider the following questions as you read through the documentation: +* _Which installation method do you want to use?_ The xref:installation-methods[Installation Methods] +section provides some information about the quick and advanced installation +methods. + * _How many hosts do you require in the cluster?_ The xref:environment-scenarios[Environment Scenarios] section provides multiple examples of Single Master and Multiple Master configurations. @@ -36,14 +40,26 @@ have a preference for a particular method of installing, managing, and updating your services. [[installation-methods]] -== Installation Method - -The advanced installation method is supported for development and production -environments. Providing the most control over your cluster’s configuration, this -method is particularly suited if you are already familiar with Ansible. However, -following along with the {product-title} documentation should equip you with -enough information to reliably deploy your cluster and continue to manage its -configuration post-deployment using the provided Ansible playbooks directly. +== Installation Methods + +Both the quick and advanced installation methods are supported for development +and production environments. If you want to quickly get {product-title} up and +running to try out for the first time, use the quick installer and let the +interactive CLI guide you through the configuration options relevant to your +environment. + +For the most control over your cluster’s configuration, you can use the advanced +installation method. This method is particularly suited if you are already +familiar with Ansible. However, following along with the {product-title} +documentation should equip you with enough information to reliably deploy your +cluster and continue to manage its configuration post-deployment using the +provided Ansible playbooks directly. + +If you install initially using the quick installer, you can always further tweak +your cluster’s configuration and adjust the number of hosts in the cluster using +the same installer tool. If you wanted to later switch to using the advanced +method, you can create an inventory file for your configuration and carry on +that way. [[sizing]] == Sizing Considerations diff --git a/install_config/install/quick_install.adoc b/install_config/install/quick_install.adoc new file mode 100644 index 000000000000..b0edb46bbbb4 --- /dev/null +++ b/install_config/install/quick_install.adoc @@ -0,0 +1,376 @@ +[[install-config-install-quick-install]] += Quick Installation +{product-author} +{product-version} +:data-uri: +:icons: +:experimental: +:toc: macro +:toc-title: +:prewrap!: + +ifdef::openshift-origin[] +You can quickly get {product-title} running by choosing an installation method +in xref:../../getting_started/administrators.adoc#getting-started-administrators[Getting Started for +Administrators]. +endif::[] + +ifdef::openshift-enterprise[] +toc::[] + +== Overview +The _quick installation_ method allows you to use an interactive CLI utility, +the `atomic-openshift-installer` command, to install {product-title} across a +set of hosts. This installer can deploy {product-title} components on targeted +hosts by either installing RPMs or running containerized services. + +[IMPORTANT] +==== +While RHEL Atomic Host is supported for running containerized {product-title} +services, the installer is +xref:../../install_config/install/host_preparation.adoc#software-prerequisites[provided +by an RPM] and not available by default in RHEL Atomic Host. Therefore, it must +be run from a Red Hat Enterprise Linux 7 system. The host initiating the +installation does not need to be intended for inclusion in the {product-title} +cluster, but it can be. +==== + +This installation method is provided to make the installation experience easier +by xref:running-an-interactive-installation[interactively gathering the data] +needed to run on each host. The installer is a self-contained wrapper intended +for usage on a Red Hat Enterprise Linux (RHEL) 7 system. + +In addition to running xref:running-an-interactive-installation[interactive +installations] from scratch, the `atomic-openshift-installer` command can also +be run or re-run using a predefined installation configuration file. This file +can be used with the installer to: + +- run an xref:running-an-unattended-installation[unattended installation], +- xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-or-reinstalling-quick[add nodes] to an existing cluster, +- xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster], or +- xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-or-reinstalling-quick[reinstall] the {product-title} cluster +completely. +endif::[] + +Alternatively, you can use the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +method for more complex environments. + +ifdef::openshift-enterprise[] + +[NOTE] +==== +To install {product-title} as a stand-alone registry, see +xref:../../install_config/install/stand_alone_registry.adoc#install-config-installing-stand-alone-registry[Installing a Stand-alone Registry]. +==== + +[[quick-before-you-begin]] + +== Before You Begin + +The installer allows you to install {product-title} +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master] +and +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[node] +components on a defined set of hosts. + +[NOTE] +==== +By default, any hosts you designate as masters during the installation process +are automatically also configured as nodes so that the masters are configured as +part of the +xref:../../architecture/networking/network_plugins.adoc#openshift-sdn[{product-title} +SDN]. The node component on the masters, however, are marked unschedulable, +which blocks pods from being scheduled on it. After the installation, you can +xref:../../admin_guide/manage_nodes.adoc#marking-nodes-as-unschedulable-or-schedulable[mark +them schedulable] if you want. +==== + +Before installing {product-title}, you must first +xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[satisfy the prerequisites] +on your hosts, which includes verifying system and environment requirements and +properly installing and configuring Docker. You must also be prepared to provide +or validate the following information for each of your targeted hosts during the +course of the installation: + +- User name on the target host that should run the Ansible-based installation +(can be root or non-root) +- Host name +- Whether to install components for master, node, or both +- Whether to use the RPM or containerized method +- Internal and external IP addresses + +[IMPORTANT] +==== +If you are installing {product-title} using the containerized method +(optional for RHEL but required for RHEL Atomic Host), see the +xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-install-rpm-vs-containerized[Installing on +Containerized Hosts] topic to ensure that you understand the differences between these +methods, then return to this topic to continue. +==== + +After following the instructions in the +xref:../../install_config/install/prerequisites.adoc#install-config-install-prerequisites[Prerequisites] topic and +deciding between the RPM and containerized methods, you can continue to running +an xref:running-an-interactive-installation[interactive] or +xref:running-an-unattended-installation[unattended] installation. + +[[running-an-interactive-installation]] + +== Running an Interactive Installation + +[NOTE] +==== +Ensure you have read through xref:quick-before-you-begin[Before You Begin]. +==== + +You can start the interactive installation by running: + +---- +$ atomic-openshift-installer install +---- + +Then follow the on-screen instructions to install a new {product-title} cluster. + +After it has finished, ensure that you back up the +*_~/.config/openshift/installer.cfg.yml_* +xref:defining-an-installation-configuration-file[installation configuration +file] that is created, as it is required if you later want to re-run the +installation, add hosts to the cluster, or +xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster]. Then, +xref:quick-verifying-the-installation[verify the installation]. + +[[defining-an-installation-configuration-file]] + +== Defining an Installation Configuration File + +The installer can use a predefined installation configuration file, which +contains information about your installation, individual hosts, and cluster. +When running an xref:running-an-interactive-installation[interactive +installation], an installation configuration file based on your answers is +created for you in *_~/.config/openshift/installer.cfg.yml_*. The file is +created if you are instructed to exit the installation to manually modify the +configuration or when the installation completes. You can also create the +configuration file manually from scratch to perform an +xref:running-an-unattended-installation[unattended installation]. + +.Installation Configuration File Specification +[source,yaml] +---- +version: v2 <1> +variant: openshift-enterprise <2> +variant_version: 3.7 <3> +ansible_log_path: /tmp/ansible.log <4> +deployment: + ansible_ssh_user: root <5> + hosts: <6> + - ip: 10.0.0.1 <7> + hostname: master-private.example.com <7> + public_ip: 24.222.0.1 <8> + public_hostname: master.example.com <8> + roles: <9> + - master + - node + containerized: true <10> + connect_to: 24.222.0.1 <11> + - ip: 10.0.0.2 + hostname: node1-private.example.com + public_ip: 24.222.0.2 + public_hostname: node1.example.com + node_labels: {'region': 'infra'} <12> + roles: + - node + connect_to: 10.0.0.2 + - ip: 10.0.0.3 + hostname: node2-private.example.com + public_ip: 24.222.0.3 + public_hostname: node2.example.com + roles: + - node + connect_to: 10.0.0.3 + roles: <13> + master: + : "" <14> + : "" + node: + : "" <14> +---- +<1> The version of this installation configuration file. As of {product-title} 3.3, +the only valid version here is `v2`. +<2> The {product-title} variant to install. For {product-title}, set this to +`openshift-enterprise`. +<3> A valid version of your selected variant: `3.7`, `3.6`, `3.5`, `3.4`, `3.3`, +`3.2`, or `3.1`. If not specified, this defaults to the latest version for the +specified variant. +<4> Defines where the Ansible logs are stored. By default, this is the +*_/tmp/ansible.log_* file. +<5> Defines which user Ansible uses to SSH in to remote systems for gathering +facts and for the installation. By default, this is the root user, but you can +set it to any user that has *sudo* privileges. +<6> Defines a list of the hosts onto which you want to install the {product-title} +master and node components. +<7> Required. Allows the installer to connect to the system and gather facts +before proceeding with the install. +<8> Required for unattended installations. If these details are not specified, +then this information is pulled from the facts gathered by the installer, and +you are asked to confirm the details. If undefined for an unattended +installation, the installation fails. +<9> Determines the type of services that are installed. Specified as a list. +<10> If set to *true*, containerized {product-title} services are run on target master +and node hosts instead of installed using RPM packages. If set to *false* or +unset, the default RPM method is used. RHEL Atomic Host requires the +containerized method, and is automatically selected for you based on the +detection of the *_/run/ostree-booted_* file. See +xref:../../install_config/install/rpm_vs_containerized.adoc#install-config-install-rpm-vs-containerized[Installing on +Containerized Hosts] for more details. +<11> The IP address that Ansible attempts to connect to when installing, +upgrading, or uninstalling the systems. If the configuration file was +auto-generated, then this is the value you first enter for the host during that +interactive install process. +<12> Node labels can optionally be set per-host. +<13> Defines a dictionary of roles across the deployment. +<14> Any ansible variables that should only be applied to hosts assigned a role can be defined. +For examples, see xref:../../install_config/install/advanced_install.adoc#configuring-ansible[Configuring Ansible]. + +[[running-an-unattended-installation]] + +== Running an Unattended Installation + +[NOTE] +==== +Ensure you have read through the xref:quick-before-you-begin[Before You Begin]. +==== + +Unattended installations allow you to define your hosts and cluster +configuration in an +xref:defining-an-installation-configuration-file[installation configuration +file] before running the installer so that you do not have to go through all of +the xref:running-an-interactive-installation[interactive installation] +questions and answers. It also allows you to resume an interactive installation +you may have left unfinished, and quickly get back to where you left off. + +To run an unattended installation, first define an +xref:defining-an-installation-configuration-file[installation configuration +file] at *_~/.config/openshift/installer.cfg.yml_*. Then, run the installer with +the `-u` flag: + +---- +$ atomic-openshift-installer -u install +---- + +By default in interactive or unattended mode, the installer uses the +configuration file located at *_~/.config/openshift/installer.cfg.yml_* if the +file exists. If it does not exist, attempting to start an unattended +installation fails. + +Alternatively, you can specify a different location for the configuration file +using the `-c` option, but doing so will require you to specify the file +location every time you run the installation: + +---- +$ atomic-openshift-installer -u -c install +---- + +After the unattended installation finishes, ensure that you back up the +*_~/.config/openshift/installer.cfg.yml_* file that was used, as it is required +if you later want to re-run the installation, add hosts to the cluster, or +xref:../../install_config/upgrading/index.adoc#install-config-upgrading-index[upgrade your cluster]. Then, +xref:quick-verifying-the-installation[verify the installation]. + +[[quick-verifying-the-installation]] +== Verifying the Installation + +include::install_config/install/advanced_install.adoc[tag=verifying-the-installation] + +. Then, see xref:quick-install-whats-next[What's Next] for the next steps on +configuring your {product-title} cluster. + +//// +[[adding-nodes-or-reinstalling-quick]] +== Adding Nodes or Reinstalling the Cluster + +You can use the installer to add nodes to your existing cluster, or to reinstall +the cluster entirely. + +If you installed {product-title} using the installer in either +xref:running-an-interactive-installation[interactive] or +xref:running-an-unattended-installation[unattended] mode, you can re-run the +installation as long as you have an +xref:defining-an-installation-configuration-file[installation configuration +file] at *_~/.config/openshift/installer.cfg.yml_* (or specify a different +location with the `-c` option). + +If you installed using the +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +method and therefore do not have an installation configuration file, you can +either try xref:defining-an-installation-configuration-file[creating your own] +based on your cluster's current configuration, or see the advanced installation +method on how to +xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-advanced[run +the playbook for adding new nodes directly]. + +[IMPORTANT] +==== +The recommended maximum number of nodes is 300. +==== + +To add nodes or reinstall the cluster: + +. Re-run the installer with the `install` subcommand in interactive or +unattended mode: ++ +---- +$ atomic-openshift-installer [-u] [-c ] install +---- + +. The installer will detect your installed environment and allow you to either +add an additional node or perform a clean install: ++ +==== +---- +Gathering information from hosts... +Installed environment detected. +By default the installer only adds new nodes to an installed environment. +Do you want to (1) only add additional nodes or (2) perform a clean install?: +---- +==== ++ +Choose one of the options and follow the on-screen instructions to complete your +desired task. +//// + +[[uninstalling-quick]] +== Uninstalling {product-title} + +You can uninstall {product-title} from all hosts in your cluster using the +installer's `uninstall` command. By default, the installer uses the installation +configuration file located at *_~/.config/openshift/installer.cfg.yml_* if the +file exists: + +---- +$ atomic-openshift-installer uninstall +---- + +Alternatively, you can specify a different location for the configuration file +using the `-c` option: + +---- +$ atomic-openshift-installer -c uninstall +---- + +See the +xref:../../install_config/install/advanced_install.adoc#uninstalling-advanced[advanced +installation method] for more options. + +[[quick-install-whats-next]] + +== What's Next? + +Now that you have a working {product-title} instance, you can: + +- xref:../../install_config/configuring_authentication.adoc#install-config-configuring-authentication[Configure +authentication]; by default, authentication is set to +xref:../../install_config/configuring_authentication.adoc#DenyAllPasswordIdentityProvider[Deny +All]. +- Configure the automatically-deployed xref:../../install_config/registry/index.adoc#install-config-registry-overview[integrated Docker registry]. +- Configure the automatically-deployed xref:../../install_config/router/index.adoc#install-config-router-overview[router]. +endif::[] diff --git a/install_config/install/rpm_vs_containerized.adoc b/install_config/install/rpm_vs_containerized.adoc index c96e0ba74a58..dd18b3855aa7 100644 --- a/install_config/install/rpm_vs_containerized.adoc +++ b/install_config/install/rpm_vs_containerized.adoc @@ -48,13 +48,21 @@ methods: [[install-config-install-install-methods-containerized]] == Install Methods for Containerized Hosts -As with the RPM installation, advanced installation method for the containerized -install. You can set the Ansible variable `*containerized=true*` in an +As with the RPM installation, you can choose between the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and xref:../../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[advanced] install methods for the containerized install. + +For the quick installation method, you can choose between the RPM or +containerized method on a per host basis during the interactive installation, or +set the values manually in an +xref:../../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[installation +configuration file]. + +For the advanced installation method, you can set the Ansible variable +`*containerized=true*` in an xref:../../install_config/install/advanced_install.adoc#configuring-ansible[inventory file] on a cluster-wide or per host basis. -For the -xref:../../install_config/install/disconnected_install.adoc#install-config-install-disconnected-install[disconnected installation method], to install the etcd container, you can set the Ansible +For the xref:../../install_config/install/disconnected_install.html[disconnected +installation method], to install the etcd container, you can set the Ansible variable `osm_etcd_image` to be the fully qualified name of the etcd image on your local registry, for example, `registry.example.com/rhel7/etcd`. @@ -103,6 +111,20 @@ openshift_docker_insecure_registries= openshift_docker_blocked_registries= ---- +ifdef::openshift-enterprise[] +For the quick installation method, you can export the following environment +variables on each target host: + +---- +# export OO_INSTALL_ADDITIONAL_REGISTRIES= +# export OO_INSTALL_INSECURE_REGISTRIES= +---- + + +Blocked Docker registries cannot currently be specified using the quick +installation method. +endif::[] + The configuration of additional, insecure, and blocked Docker registries occurs at the beginning of the installation process to ensure that these settings are applied before attempting to pull any of the required images. diff --git a/install_config/install/stand_alone_registry.adoc b/install_config/install/stand_alone_registry.adoc index 6b0ea19b48a7..8017e778cfb6 100644 --- a/install_config/install/stand_alone_registry.adoc +++ b/install_config/install/stand_alone_registry.adoc @@ -97,7 +97,47 @@ xref:../../install_config/install/host_preparation.adoc#install-config-install-h [[registry-installation-methods]] == Installation Methods +ifdef::openshift-enterprise[] +To install a stand-alone registry, use either of the standard installation +methods (quick or advanced) used to install any variant of {product-title}. +endif::[] + +ifdef::openshift-origin[] To install a stand-alone registry, use the advanced installation method. +endif::[] + +ifdef::openshift-enterprise[] +[[registry-quick-installation]] +=== Quick Installation for Stand-alone OpenShift Container Registry + +When using the quick installation method to install stand-alone OCR, start the +interactive installation by running: + +---- +$ atomic-openshift-installer install +---- + +Then follow the on-screen instructions to install a new registry. The installation questions will be largely the same as if you were installing a full {product-title} PaaS, but when you reach the following screen: + +==== +---- +Which variant would you like to install? + + +(1) OpenShift Container Platform +(2) Registry +---- +==== + +Be sure to choose `2` to follow the registry installation path. + +[NOTE] +==== +For further usage details on the quick installer in general, see the full topic +at +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[Quick Installation]. +==== +endif::[] [[registry-advanced-installation]] === Advanced Installation for Stand-alone Registries diff --git a/install_config/router/default_haproxy_router.adoc b/install_config/router/default_haproxy_router.adoc index 780da81cabd0..d02890ec8f49 100644 --- a/install_config/router/default_haproxy_router.adoc +++ b/install_config/router/default_haproxy_router.adoc @@ -14,10 +14,12 @@ toc::[] == Overview The `oc adm router` command is provided with the administrator CLI to simplify -the tasks of setting up routers in a new installation. The `oc adm router` -command creates the service and deployment configuration objects. Use the -`--service-account` option to specify the service account the router will use to -contact the master. +the tasks of setting up routers in a new installation. If you followed the +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick +installation], then a default router was automatically created for you. The `oc +adm router` command creates the service and deployment configuration objects. +Use the `--service-account` option to specify the service account the router +will use to contact the master. The xref:../../install_config/router/index.adoc#creating-the-router-service-account[router @@ -86,7 +88,10 @@ load of the router. [[deploy-router-create-router]] == Creating a Router -If the router does not already exist, run the following to create one: +The +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick +installation] process automatically creates a default router. If the router does +not exist, run the following to create a router: ifdef::openshift-enterprise[] ---- @@ -111,8 +116,7 @@ environment variables] after router creation. In this case create a router for e Checking the Default Router:: ifdef::openshift-enterprise[] -The default router service account, named *router*, is automatically created -during advanced installations. To verify that this account already exists: +The default router service account, named *router*, is automatically created during quick and advanced installations. To verify that this account already exists: endif::[] ifdef::openshift-origin[] First, ensure you have xref:creating-the-router-service-account[created the diff --git a/install_config/router/index.adoc b/install_config/router/index.adoc index eeb34d0dc5a5..98afd1692ae3 100644 --- a/install_config/router/index.adoc +++ b/install_config/router/index.adoc @@ -57,7 +57,7 @@ ifdef::openshift-enterprise[] Before deploying an {product-title} cluster, you must have a service account for the router. Starting in {product-title} 3.1, a router xref:../../admin_guide/service_accounts.adoc#admin-guide-service-accounts[service account] -is automatically created during an advanced installation (previously, this required manual creation). This service account has permissions to a +is automatically created during a quick or advanced installation (previously, this required manual creation). This service account has permissions to a xref:../../architecture/additional_concepts/authorization.adoc#security-context-constraints[security context constraint] (SCC) that allows it to specify host ports. // See NB[1] below. diff --git a/install_config/upgrading/automated_upgrades.adoc b/install_config/upgrading/automated_upgrades.adoc index f6608b56e195..2184e757e607 100644 --- a/install_config/upgrading/automated_upgrades.adoc +++ b/install_config/upgrading/automated_upgrades.adoc @@ -19,17 +19,11 @@ If you installed using the xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] and the inventory file that was used is available, you can use the upgrade playbook to automate the OpenShift cluster upgrade process. - ifdef::openshift-enterprise[] -[NOTE] -==== -If you previously used the `atomic-openshift-installer` command to run your -installation, you can check *_~/.config/openshift/hosts_* (previously located at -*_~/.config/openshift/.ansible/hosts_*) for the last inventory file that the -installer generated, and use or modify that as needed as your inventory file. -You must then specify the file location with `-i` when calling -`ansible-playbook` later. -==== +If you installed using the +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] method +and a *_~/.config/openshift/installer.cfg.yml_* file is available, you can use +the installer to perform the automated upgrade. endif::[] The automated upgrade performs the following steps for you: diff --git a/install_config/upgrading/blue_green_deployments.adoc b/install_config/upgrading/blue_green_deployments.adoc index b4a605643e5b..2a68f6115ba7 100644 --- a/install_config/upgrading/blue_green_deployments.adoc +++ b/install_config/upgrading/blue_green_deployments.adoc @@ -141,8 +141,9 @@ using the selector `type=node`, and all matches are labeled with `color=blue`. Create the new green environment for any node hosts that are to be replaced by adding an equal number of new node hosts to the existing cluster. You can use -the advanced install method as described in -xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-advanced[Adding Hosts to an Existing Cluster]. +either the quick installer or advanced install method as described in +xref:../../install_config/adding_hosts_to_existing_cluster.adoc#adding-nodes-advanced[Adding +Hosts to an Existing Cluster]. When adding these new nodes, use the following Ansible variables: diff --git a/install_config/upgrading/index.adoc b/install_config/upgrading/index.adoc index fe9313b25a04..44d41fc054bc 100644 --- a/install_config/upgrading/index.adoc +++ b/install_config/upgrading/index.adoc @@ -48,8 +48,14 @@ single, running cluster: first masters and then nodes. Pods are evacuated off of nodes and recreated on other running nodes before a node upgrade begins; this helps reduce downtime of user applications. -You can perform an -xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated in-place upgrade] using the inventory file used during installation. +If you installed using the +ifdef::openshift-enterprise[] +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] or +endif::[] +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +and the *_~/.config/openshift/installer.cfg.yml_* or inventory file that was +used is available, you can perform an +xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated in-place upgrade]. Alternatively, you can xref:../../install_config/upgrading/manual_upgrades.adoc#install-config-upgrading-manual-upgrades[upgrade OpenShift manually]. diff --git a/install_config/upgrading/manual_upgrades.adoc b/install_config/upgrading/manual_upgrades.adoc index b6199e3dbcc0..9c773702617d 100644 --- a/install_config/upgrading/manual_upgrades.adoc +++ b/install_config/upgrading/manual_upgrades.adoc @@ -882,10 +882,12 @@ provides the example JSON files: ---- endif::[] ifdef::openshift-enterprise[] -By default, the advanced installation method automatically creates default image -streams, InstantApp templates, and database service templates in the *openshift* -project, which is a default project to which all users have view access. These -objects were created during installation from the JSON files located under the +By default, the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick] and +xref:../../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installation] +methods automatically create default image streams, InstantApp templates, and +database service templates in the *openshift* project, which is a default +project to which all users have view access. These objects were created during +installation from the JSON files located under the *_/usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/_* directory. @@ -1547,7 +1549,7 @@ networkConfig: *Adding the Scheduler Configuration API Version* The scheduler configuration file incorrectly lacked `*kind*` and `*apiVersion*` -fields when deployed using the advanced installation method. This will +fields when deployed using the quick or advanced installation methods. This will affect future upgrades, so it is important to add those values if they do not exist. diff --git a/welcome/index.adoc b/welcome/index.adoc index 537364272381..c67c7e8a7e7c 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -53,7 +53,7 @@ ifdef::openshift-origin[] * xref:../getting_started/administrators.adoc#getting-started-administrators[As a cluster administrator] endif::[] ifdef::openshift-enterprise[] -* xref:../install_config/install/planning.adoc#install-config-install-planning[As a cluster administrator] +* xref:../install_config/install/quick_install.adoc#install-config-install-quick-install[As a cluster administrator] endif::[] |=== @@ -84,7 +84,7 @@ ifdef::openshift-enterprise,openshift-origin[] .^|[big]#Run Your Own Platform-as-a-Service (PaaS)# a|[none] -* xref:../install_config/index.adoc#install-config-index[Perform an advanced installation of {product-title} at your site] +* xref:../install_config/index.adoc#install-config-index[Choose a quick or advanced installation of {product-title} at your site] * xref:../admin_guide/index.adoc#admin-guide-index[Maintain and administer your {product-title} cluster] |=== From 5d88dad646deed15794576d65468ae1535333785 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Tue, 28 Nov 2017 07:46:32 -0500 Subject: [PATCH 4/8] More reverting of quick_install changes --- .../adding_hosts_to_existing_cluster.adoc | 14 +++--- .../upgrading/automated_upgrades.adoc | 48 +++++++++++++++++-- install_config/upgrading/manual_upgrades.adoc | 10 ++-- 3 files changed, 57 insertions(+), 15 deletions(-) diff --git a/install_config/adding_hosts_to_existing_cluster.adoc b/install_config/adding_hosts_to_existing_cluster.adoc index 7e8a76c6db73..ee844f515119 100644 --- a/install_config/adding_hosts_to_existing_cluster.adoc +++ b/install_config/adding_hosts_to_existing_cluster.adoc @@ -59,10 +59,10 @@ The recommended maximum number of nodes is 300. To add nodes to your installation: . Ensure you have the latest installer and playbooks by updating the -*openshift-ansible* packages: +*atomic-openshift-utils* package: + ---- -# yum update openshift-ansible +# yum update atomic-openshift-utils ---- . Run the installer with the `scaleup` subcommand in interactive or @@ -138,11 +138,11 @@ The recommended maximum number of nodes is 300. To add a host to an existing cluster: -. Ensure you have the latest playbooks by updating the *openshift-ansible* -packages: +. Ensure you have the latest playbooks by updating the *atomic-openshift-utils* +package: + ---- -# yum update openshift-ansible +# yum update atomic-openshift-utils ---- . Edit your *_/etc/ansible/hosts_* file and add *new_* to the @@ -253,11 +253,11 @@ preparation] steps. To add an etcd host to an existing cluster: -. Ensure you have the latest playbooks by updating the *openshift-ansible* packages: +. Ensure you have the latest playbooks by updating the *atomic-openshift-utils* package: + [source, bash] ---- -$ yum update openshift-ansible +$ yum update atomic-openshift-utils ---- . Edit your *_/etc/ansible/hosts_* file, add *new_* to the diff --git a/install_config/upgrading/automated_upgrades.adoc b/install_config/upgrading/automated_upgrades.adoc index 2184e757e607..c551e3ce79c9 100644 --- a/install_config/upgrading/automated_upgrades.adoc +++ b/install_config/upgrading/automated_upgrades.adoc @@ -23,7 +23,7 @@ ifdef::openshift-enterprise[] If you installed using the xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] method and a *_~/.config/openshift/installer.cfg.yml_* file is available, you can use -the installer to perform the automated upgrade. +the quick installer to perform the automated upgrade. endif::[] The automated upgrade performs the following steps for you: @@ -140,14 +140,15 @@ channel and enable the 3.7 channel on each master and node host: ==== . For any upgrade path, always ensure that you have the latest version of the -*openshift-ansible-** packages on each RHEL 7 system +*atomic-openshift-utils* package on each RHEL 7 system, which also updates the +*openshift-ansible-** packages: + ---- -# yum update openshift-ansible +# yum update atomic-openshift-utils ---- . When installing or updating *atomic-openshift-utils*, -*_/usr/share/openshift/examples/_* does not get updated with the latest +*_/usr/share/openshift/examples/_* does not get updated with the latest templates. To update these files: + ---- @@ -186,10 +187,49 @@ xref:../../install_config/upgrading/migrating_etcd.adoc#install-config-upgrading After satisfying these steps, there are two methods for running the automated upgrade: +- xref:upgrading-using-the-installation-utility-to-upgrade[Using the quick installer] - xref:running-the-upgrade-playbook-directly[Running the upgrade playbook directly] Choose and follow one of these methods. +[[upgrading-using-the-installation-utility-to-upgrade]] +== Using the Quick Installer to Upgrade + +If you installed {product-title} using the +xref:../../install_config/install/quick_install.adoc#install-config-install-quick-install[quick installation] method, +you should have an installation configuration file located at +*_~/.config/openshift/installer.cfg.yml_*. The quick installer requires this file to +start an upgrade. + +The quick installer supports upgrading between minor versions of {product-title} +(one minor version at a time, e.g., 3.5 to 3.6) as well as between +xref:../../release_notes/ocp_3_6_release_notes.adoc#ocp-36-asynchronous-errata-updates[asynchronous errata updates] within a minor version (e.g., 3.6.z). + +If you have an older format installation configuration file in +*_~/.config/openshift/installer.cfg.yml_* from an installation of a previous +cluster version, the quick installer will attempt to upgrade the file to the new supported +format. If you do not have an installation configuration file of any format, you +can +xref:../../install_config/install/quick_install.adoc#defining-an-installation-configuration-file[create one manually]. + +To start an upgrade with the quick installer: + +. Satisfy the steps in xref:preparing-for-an-automated-upgrade[Preparing for an Automated Upgrade] to ensure you are using the latest upgrade playbooks. + +. Run the quick installer with the `upgrade` subcommand: ++ +---- +# atomic-openshift-installer upgrade +---- +. Then, follow the on-screen instructions to upgrade to the latest release. ++ +[NOTE] +==== +If the quick installer fails, note the error output and check +xref:upgrading_known_issues.adoc#install-config-upgrading-known-issues[Known Issues] for any additional steps. +==== + +include::install_config/upgrading/automated_upgrades.adoc[tag=automated_upgrade_after_reboot] [[running-the-upgrade-playbook-directly]] == Running the Upgrade Playbook Directly diff --git a/install_config/upgrading/manual_upgrades.adoc b/install_config/upgrading/manual_upgrades.adoc index 9c773702617d..8d63a13da3a3 100644 --- a/install_config/upgrading/manual_upgrades.adoc +++ b/install_config/upgrading/manual_upgrades.adoc @@ -897,12 +897,14 @@ Because RHEL Atomic Host 7 cannot use *yum* to update packages, the following steps must take place on a RHEL 7 system. ==== -Update the packages that provide the example JSON files. On a subscribed Red -Hat Enterprise Linux 7 system where you can run the CLI as a user with -*cluster-admin* permissions, install or update to the latest version of the *openshift-ansible* packages: +Update the packages that provide the example JSON files. On a subscribed Red Hat +Enterprise Linux 7 system where you can run the CLI as a user with +*cluster-admin* permissions, install or update to the latest version of the +*atomic-openshift-utils* package, which should also update the +*openshift-ansible-* packages: ---- -# yum update openshift-ansible +# yum update atomic-openshift-utils ---- To persist *_/usr/share/openshift/examples/_* on the first master: From 97c40a15776920a11c02f2b8d1ae4b070384ac9b Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Tue, 28 Nov 2017 18:43:42 -0500 Subject: [PATCH 5/8] Edits for 3.7 install/upgrade --- architecture/service_catalog/index.adoc | 8 +- install_config/install/advanced_install.adoc | 2 +- .../install/rpm_vs_containerized.adoc | 13 --- .../upgrading/automated_upgrades.adoc | 36 ++++---- install_config/upgrading/manual_upgrades.adoc | 88 +++++++++++++++---- 5 files changed, 94 insertions(+), 53 deletions(-) diff --git a/architecture/service_catalog/index.adoc b/architecture/service_catalog/index.adoc index 8eb95f35ac92..1312edcbf921 100644 --- a/architecture/service_catalog/index.adoc +++ b/architecture/service_catalog/index.adoc @@ -119,10 +119,10 @@ metadata: plans: [...] ---- -Service Plan:: -A _service plan_ is represents tiers of a service class. For example, a service -class may expose a set of plans that offer varying degrees of quality-of-service -(QoS), each with a different cost associated with it. +Cluster Service Plan:: +A _cluster service plan_ is represents tiers of a cluster service class. For example, a +cluster service class may expose a set of plans that offer varying degrees of +quality-of-service (QoS), each with a different cost associated with it. Service Instance:: A _service instance_ is a provisioned instance of a service class. When a user diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 5270480b5dd1..f0f45c3865c5 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -696,7 +696,7 @@ However, you can configure your {product-title} installation to alternatively run `etcd` as a system container. Whereas the standard containerized method uses a systemd service named `etcd_container`, the system container method uses the service name `etcd`, same as the RPM-based method. The data directory for etcd -using this method is *_/var/lib/etcd/etcd.etcd/etcd.etcd/member_*. +using this method is *_/var/lib/etcd_*. To run etcd as a system container, set the following cluster variable in your inventory file in the `[OSEv3:vars]` section: diff --git a/install_config/install/rpm_vs_containerized.adoc b/install_config/install/rpm_vs_containerized.adoc index dd18b3855aa7..c7e31c29b6d6 100644 --- a/install_config/install/rpm_vs_containerized.adoc +++ b/install_config/install/rpm_vs_containerized.adoc @@ -66,19 +66,6 @@ installation method], to install the etcd container, you can set the Ansible variable `osm_etcd_image` to be the fully qualified name of the etcd image on your local registry, for example, `registry.example.com/rhel7/etcd`. - -[NOTE] -==== -When installing an environment with multiple masters, the load balancer cannot -be deployed by the installation process as a container. See -xref:../../install_config/install/advanced_install.adoc#multiple-masters[Advanced -Installation] for load balancer requirements using the native HA method. -==== -endif::[] - -The following sections detail the preparation for a containerized {product-title} -installation. - [[containerized-required-images]] == Required Images diff --git a/install_config/upgrading/automated_upgrades.adoc b/install_config/upgrading/automated_upgrades.adoc index c551e3ce79c9..aa69b07ceabe 100644 --- a/install_config/upgrading/automated_upgrades.adoc +++ b/install_config/upgrading/automated_upgrades.adoc @@ -147,6 +147,22 @@ channel and enable the 3.7 channel on each master and node host: # yum update atomic-openshift-utils ---- +. Before upgrading to {product-title} 3.7, your cluster must be using external etcd (not embedded) and its data must be using the v3 data model: + +.. Starting in {product-title} 3.7, embedded etcd is no longer supported. If you +have an {product-title} 3.6 cluster that is using an embeded etcd, you must run +a playbook to migrate it to external etcd. See +xref:../../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating Embedded etcd to External etcd] for steps. + +.. If your cluster was initially installed using *openshift-ansible* version +3.6.173.0.21 or later, your etcd data is already using the v3 model. If it was +upgraded from {product-title} 3.5 to 3.6 before then, you must run a playbook to +migrate the data from the v2 model to v3. See +xref:../../install_config/upgrading/migrating_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating etcd Data (v2 to v3)] for steps. + +//// +((Steps removed per QE feedback)) + . When installing or updating *atomic-openshift-utils*, *_/usr/share/openshift/examples/_* does not get updated with the latest templates. To update these files: @@ -170,19 +186,7 @@ the upgrade to succeed: ---- $ oc login ---- - -. Before upgrading to {product-title} 3.7, your cluster must be using external etcd (not embedded) and its data must be using the v3 data model: - -.. Starting in {product-title} 3.7, embedded etcd is no longer supported. If you -have an {product-title} 3.6 cluster that is using an embeded etcd, you must run -a playbook to migrate it to external etcd. See -xref:../../install_config/upgrading/migrating_embedded_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating Embedded etcd to External etcd] for steps. - -.. If your cluster was initially installed using *openshift-ansible* version -3.6.173.0.21 or later, your etcd data is already using the v3 model. If it was -upgraded from {product-title} 3.5 to 3.6 before then, you must run a playbook to -migrate the data from the v2 model to v3. See -xref:../../install_config/upgrading/migrating_etcd.adoc#install-config-upgrading-etcd-data-migration[Migrating etcd Data (v2 to v3)] for steps. +//// After satisfying these steps, there are two methods for running the automated upgrade: @@ -260,7 +264,6 @@ described in xref:upgrading-to-ocp-3-7[Upgrading to the Latest {product-title} [[upgrading-to-openshift-enterprise-3-2-0]] === Upgrading to OpenShift Enterprise 3.2.0 -- etcd - master components - node services running on masters - Docker running on masters @@ -451,11 +454,8 @@ one playbook; the control plane is still upgraded first, then nodes in-place: + ---- # ansible-playbook -i \ - /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml \ - [-e ] <1> + /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml ---- -<1> See xref:customizing-node-upgrades[Customizing Node Upgrades] for any desired -``. + ** *Option B)* Upgrade the control plane and nodes in separate phases. diff --git a/install_config/upgrading/manual_upgrades.adoc b/install_config/upgrading/manual_upgrades.adoc index 8d63a13da3a3..1bf98835b132 100644 --- a/install_config/upgrading/manual_upgrades.adoc +++ b/install_config/upgrading/manual_upgrades.adoc @@ -16,10 +16,9 @@ toc::[] == Overview As an alternative to performing an -xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated upgrade], -you can manually upgrade your OpenShift cluster. To manually upgrade without -disruption, it is important to upgrade each component as documented in this -topic. +xref:../../install_config/upgrading/automated_upgrades.adoc#install-config-upgrading-automated-upgrades[automated upgrade], you can manually upgrade your {product-title} cluster. To manually +upgrade without disruption, it is important to upgrade each component as +documented in this topic. Before you begin your upgrade, familiarize yourself now with the entire procedure. xref:additional-instructions-per-release[Specific releases may @@ -84,15 +83,6 @@ that will be used in later sections: # yum install atomic-openshift-utils ---- -. When installing or updating *atomic-openshift-utils*, -*_/usr/share/openshift/examples/_* does not get updated with the latest -templates. To update these files: -+ ----- -# mkdir /usr/share/openshift/examples -# cp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* /usr/share/openshift/examples/ ----- - . Install or update to the following latest available **-excluder* packages on each RHEL 7 system, which helps ensure your systems stay on the correct versions of *atomic-openshift* and *docker* packages when you are not trying to upgrade, @@ -139,6 +129,46 @@ each RHEL 7 system: # yum update kernel ---- +. There is a small set of configurations that are possible in authorization policy +resources in {product-title} 3.6 that are not supported by RBAC in +{product-title} 3.7. Such configurations require manual migration based on your +use case. ++ +If you are upgrading from {product-title} 3.6 to 3.7, to guarantee that all +authorization policy objects are in sync with RBAC, run: ++ +---- +$ oc adm migrate authorization +---- ++ +This read-only command emulates the migration controller logic and reports if +any resource is out of sync. ++ +[IMPORTANT] +==== +During a rolling upgrade, avoid actions that require changes to {product-title} +authorization policy resources such as the creation of new projects. If a +project is created against a new master, the RBAC resources it creates will be +deleted by the migration controller since they will be seen as out of sync from +the authorization policy resources. + +If a project is created against an old master and the migration controller is no +longer present due to a {product-title} 3.7 controller process being the leader, +then its policy objects will not be synced and it will have no RBAC resources. +==== + +//// +((Step removed per QE feedback)) +. When installing or updating *atomic-openshift-utils*, +*_/usr/share/openshift/examples/_* does not get updated with the latest +templates. To update these files: ++ +---- +# mkdir /usr/share/openshift/examples +# cp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* /usr/share/openshift/examples/ +---- +//// + [[upgrading-masters]] == Upgrading Master Components @@ -910,14 +940,14 @@ Enterprise Linux 7 system where you can run the CLI as a user with To persist *_/usr/share/openshift/examples/_* on the first master: ---- -scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@master1:/usr/share/openshift/examples/ +$ scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@master1:/usr/share/openshift/examples/ ---- To persist *_/usr/share/openshift/examples/_* on all masters: ---- -mkdir /usr/share/openshift/examples -scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@masterx:/usr/share/openshift/examples +$ mkdir /usr/share/openshift/examples +$ scp -R /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v3.7/* user@masterx:/usr/share/openshift/examples ---- The *openshift-ansible-roles* package provides the latest example JSON files. @@ -927,7 +957,7 @@ endif::[] *openshift-ansible-roles*: + ---- -rpm -ql openshift-ansible-roles | grep examples | grep v3.7 +# rpm -ql openshift-ansible-roles | grep examples | grep v3.7 ---- + In this example, @@ -1633,6 +1663,30 @@ ifdef::openshift-origin[] endif::[] ---- +. If you upgraded from {product-title} 3.6 to 3.7, the following read-only script +can be used to determine what namespaces lack RBAC role bindings: ++ +[source,bash] +---- +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +for namespace in $(oc get namespace -o name); do + ns=$(echo "${namespace}" | cut -d / -f 2) + rolebindings_count=$(oc get rolebinding.rbac -o name -n "${ns}" | wc -l) + if [[ "${rolebindings_count}" == "0" ]]; then + echo "Namespace ${ns} has no role bindings which may require further investigation" + else + echo "Namespace ${ns}: ok" + fi +done +---- ++ +It is up to you to decide how to remediate these namespaces. + ifdef::openshift-origin[] . If you upgraded from Origin 1.0 to Origin 1.1, verify in your old *_/etc/sysconfig/openshift-master_* and *_/etc/sysconfig/openshift-node_* files From e67ea85c639376509fc2fd154bf2c82259ef6cd1 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Thu, 30 Nov 2017 12:13:46 -0500 Subject: [PATCH 6/8] Add etcd group to single-master and cleanup infranodes --- install_config/install/advanced_install.adoc | 76 ++++++++++++-------- 1 file changed, 47 insertions(+), 29 deletions(-) diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index f0f45c3865c5..3f95308769dd 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -1763,12 +1763,14 @@ not supported. [discrete] [[single-master-multi-node-ai]] -==== Single Master and Multiple Nodes +==== Single Master, Single etcd, and Multiple Nodes The following table describes an example environment for a single -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master] (with *etcd* on the same host) -and two -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes]: +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master] +(with a single *etcd* on the same host), two +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes] +for hosting user applications, and two nodes with the `region=infra` label for hosting +xref:configuring-dedicated-infrastructure-nodes[dedicated infrastructure]: [options="header"] |=== @@ -1776,26 +1778,29 @@ xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc |Host Name |Infrastructure Component to Install |*master.example.com* -|Master and node - -|*master.example.com* -|etcd +|Master, etcd, and node |*node1.example.com* .2+.^|Node |*node2.example.com* + +|*infra-node1.example.com* +.2+.^|Node (with `region=infra` label) + +|*infra-node2.example.com* |=== -You can see these example hosts present in the *[masters]* and *[nodes]* -sections of the following example inventory file: +You can see these example hosts present in the *[masters]*, *[etcd]*, and +*[nodes]* sections of the following example inventory file: -.Single Master and Multiple Nodes Inventory File +.Single Master, Single etcd, and Multiple Nodes Inventory File ---- -# Create an OSEv3 group that contains the masters and nodes groups +# Create an OSEv3 group that contains the masters, nodes, and etcd groups [OSEv3:children] masters nodes +etcd # Set variables common for all OSEv3 hosts [OSEv3:vars] @@ -1843,8 +1848,10 @@ The following table describes an example environment for a single xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[master], three xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[*etcd*] -hosts, and two -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes]: +hosts, two +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes] +for hosting user applications, and two nodes with the `region=infra` label for hosting +xref:configuring-dedicated-infrastructure-nodes[dedicated infrastructure]: [options="header"] |=== @@ -1865,6 +1872,11 @@ xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc .2+.^|Node |*node2.example.com* + +|*infra-node1.example.com* +.2+.^|Node (with `region=infra` label) + +|*infra-node2.example.com* |=== [NOTE] @@ -1877,7 +1889,6 @@ You can see these example hosts present in the *[masters]*, *[nodes]*, and *[etcd]* sections of the following example inventory file: .Single Master, Multiple etcd, and Multiple Nodes Inventory File - ---- # Create an OSEv3 group that contains the masters, nodes, and etcd groups [OSEv3:children] @@ -1983,12 +1994,13 @@ To configure multiple masters, refer to the following section. ==== Multiple Masters with Multiple etcd The following describes an example environment for three -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[masters], -one HAProxy load balancer, three +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[masters] +using the `native` HA method:, one HAProxy load balancer, three xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[*etcd*] -hosts, and two +hosts, two xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes] -using the `native` HA method: +for hosting user applications, and two nodes with the `region=infra` label for hosting +xref:configuring-dedicated-infrastructure-nodes[dedicated infrastructure]: [options="header"] |=== @@ -2016,6 +2028,11 @@ using the `native` HA method: .2+.^|Node |*node2.example.com* + +|*infra-node1.example.com* +.2+.^|Node (with `region=infra` label) + +|*infra-node2.example.com* |=== [NOTE] @@ -2028,8 +2045,6 @@ You can see these example hosts present in the *[masters]*, *[etcd]*, *[lb]*, and *[nodes]* sections of the following example inventory file: .Multiple Masters Using HAProxy Inventory File -==== - ---- # Create an OSEv3 group that contains the master, nodes, etcd, and lb groups. # The lb group lets Ansible configure HAProxy as the load balancing solution. @@ -2094,7 +2109,6 @@ node2.example.com openshift_node_labels="{'region': 'primary', 'zone': 'west'}" infra-node1.example.com openshift_node_labels="{'region': 'infra', 'zone': 'default'}" infra-node2.example.com openshift_node_labels="{'region': 'infra', 'zone': 'default'}" ---- -==== To use this example, modify the file to match your environment and specifications, and save it as *_/etc/ansible/hosts_*. @@ -2104,10 +2118,13 @@ specifications, and save it as *_/etc/ansible/hosts_*. ==== Multiple Masters with Master and etcd on the Same Host The following describes an example environment for three -xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[masters] with xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[*etcd*] on each host, -one HAProxy load balancer, and two +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[masters] +using the `native` HA method (with +xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#master[*etcd*] +on each host), one HAProxy load balancer, two xref:../../architecture/infrastructure_components/kubernetes_infrastructure.adoc#node[nodes] -using the `native` HA method: +for hosting user applications, and two nodes with the `region=infra` label for hosting +xref:configuring-dedicated-infrastructure-nodes[dedicated infrastructure]: [options="header"] |=== @@ -2128,12 +2145,16 @@ using the `native` HA method: .2+.^|Node |*node2.example.com* + +|*infra-node1.example.com* +.2+.^|Node (with `region=infra` label) + +|*infra-node2.example.com* |=== You can see these example hosts present in the *[masters]*, *[etcd]*, *[lb]*, and *[nodes]* sections of the following example inventory file: -==== ---- # Create an OSEv3 group that contains the master, nodes, etcd, and lb groups. # The lb group lets Ansible configure HAProxy as the load balancing solution. @@ -2187,13 +2208,10 @@ node2.example.com openshift_node_labels="{'region': 'primary', 'zone': 'west'}" infra-node1.example.com openshift_node_labels="{'region': 'infra', 'zone': 'default'}" infra-node2.example.com openshift_node_labels="{'region': 'infra', 'zone': 'default'}" ---- -==== To use this example, modify the file to match your environment and specifications, and save it as *_/etc/ansible/hosts_*. - - [[running-the-advanced-installation]] == Running the Advanced Installation From 146521bbabd7b1ff6fd7f6a843ce1a381c7d0f2f Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Thu, 7 Dec 2017 15:48:18 -0500 Subject: [PATCH 7/8] Fix 3.7-level topic_map + rest_api --- _topic_map.yml | 826 +++-- rest_api/api/v1.APIResourceList.adoc | 1230 +++++++ rest_api/api/v1.APIVersions.adoc | 116 + rest_api/api/v1.Binding.adoc | 252 ++ rest_api/api/v1.ComponentStatus.adoc | 209 ++ rest_api/api/v1.ConfigMap.adoc | 885 +++++ rest_api/api/v1.Endpoints.adoc | 923 +++++ rest_api/api/v1.Event.adoc | 900 +++++ rest_api/api/v1.LimitRange.adoc | 896 +++++ rest_api/api/v1.Namespace.adoc | 906 +++++ rest_api/api/v1.Node.adoc | 1659 +++++++++ rest_api/api/v1.PersistentVolume.adoc | 1026 ++++++ rest_api/api/v1.PersistentVolumeClaim.adoc | 1115 ++++++ rest_api/api/v1.Pod.adoc | 3065 +++++++++++++++++ rest_api/api/v1.PodTemplate.adoc | 1543 +++++++++ rest_api/api/v1.ReplicationController.adoc | 2184 ++++++++++++ rest_api/api/v1.ResourceQuota.adoc | 1101 ++++++ rest_api/api/v1.Secret.adoc | 888 +++++ .../api/v1.SecurityContextConstraints.adoc | 716 ++++ rest_api/api/v1.Service.adoc | 1781 ++++++++++ rest_api/api/v1.ServiceAccount.adoc | 894 +++++ .../v1.DeploymentConfig.adoc | 2467 +++++++++++++ .../apis-apps/v1beta1.ControllerRevision.adoc | 886 +++++ rest_api/apis-apps/v1beta1.Deployment.adoc | 2073 +++++++++++ rest_api/apis-apps/v1beta1.StatefulSet.adoc | 1874 ++++++++++ .../v1.TokenReview.adoc | 179 + .../v1beta1.TokenReview.adoc | 179 + .../v1.LocalSubjectAccessReview.adoc | 265 ++ .../v1.SelfSubjectAccessReview.adoc | 183 + .../v1.SubjectAccessReview.adoc | 188 + .../v1beta1.LocalSubjectAccessReview.adoc | 265 ++ .../v1beta1.SelfSubjectAccessReview.adoc | 183 + .../v1beta1.SubjectAccessReview.adoc | 188 + .../v1.ClusterRole.adoc | 515 +++ .../v1.ClusterRoleBinding.adoc | 522 +++ .../v1.LocalResourceAccessReview.adoc | 186 + .../v1.LocalSubjectAccessReview.adoc | 191 + .../v1.ResourceAccessReview.adoc | 109 + .../v1.Role.adoc | 657 ++++ .../v1.RoleBinding.adoc | 664 ++++ .../v1.RoleBindingRestriction.adoc | 914 +++++ .../v1.SelfSubjectRulesReview.adoc | 194 ++ .../v1.SubjectAccessReview.adoc | 114 + .../v1.SubjectRulesReview.adoc | 197 ++ .../v1.HorizontalPodAutoscaler.adoc | 1105 ++++++ rest_api/apis-batch/v1.Job.adoc | 1777 ++++++++++ rest_api/apis-batch/v2alpha1.CronJob.adoc | 1850 ++++++++++ .../apis-batch/v2alpha1.ScheduledJob.adoc | 1850 ++++++++++ .../apis-build.openshift.io/v1.Build.adoc | 1428 ++++++++ .../v1.BuildConfig.adoc | 1389 ++++++++ .../v1beta1.CertificateSigningRequest.adoc | 844 +++++ .../apis-extensions/v1beta1.DaemonSet.adoc | 1777 ++++++++++ .../apis-extensions/v1beta1.Deployment.adoc | 2073 +++++++++++ rest_api/apis-extensions/v1beta1.Ingress.adoc | 1117 ++++++ .../v1beta1.NetworkPolicy.adoc | 913 +++++ .../v1beta1.PodSecurityPolicy.adoc | 711 ++++ .../apis-extensions/v1beta1.ReplicaSet.adoc | 1982 +++++++++++ .../v1beta1.ThirdPartyResource.adoc | 675 ++++ .../apis-image.openshift.io/v1.Image.adoc | 776 +++++ .../v1.ImageSignature.adoc | 241 ++ .../v1.ImageStream.adoc | 1191 +++++++ .../v1.ImageStreamImage.adoc | 326 ++ .../v1.ImageStreamImport.adoc | 821 +++++ .../v1.ImageStreamMapping.adoc | 420 +++ .../v1.ImageStreamTag.adoc | 826 +++++ .../v1.ClusterNetwork.adoc | 676 ++++ .../v1.EgressNetworkPolicy.adoc | 889 +++++ .../v1.HostSubnet.adoc | 675 ++++ .../v1.NetNamespace.adoc | 674 ++++ .../v1.NetworkPolicy.adoc | 913 +++++ .../v1.OAuthAccessToken.adoc | 681 ++++ .../v1.OAuthAuthorizeToken.adoc | 682 ++++ .../v1.OAuthClient.adoc | 691 ++++ .../v1.OAuthClientAuthorization.adoc | 677 ++++ .../v1beta1.PodDisruptionBudget.adoc | 1110 ++++++ .../apis-project.openshift.io/v1.Project.adoc | 604 ++++ .../v1.ProjectRequest.adoc | 223 ++ .../v1.AppliedClusterResourceQuota.adoc | 296 ++ .../v1.ClusterResourceQuota.adoc | 907 +++++ .../v1beta1.ClusterRole.adoc | 681 ++++ .../v1beta1.ClusterRoleBinding.adoc | 679 ++++ .../v1beta1.Role.adoc | 892 +++++ .../v1beta1.RoleBinding.adoc | 890 +++++ .../apis-route.openshift.io/v1.Route.adoc | 1132 ++++++ .../v1.PodSecurityPolicyReview.adoc | 1511 ++++++++ ...v1.PodSecurityPolicySelfSubjectReview.adoc | 1507 ++++++++ .../v1.PodSecurityPolicySubjectReview.adoc | 1510 ++++++++ .../v1.SecurityContextConstraints.adoc | 716 ++++ .../apis-storage.k8s.io/v1.StorageClass.adoc | 677 ++++ .../v1beta1.StorageClass.adoc | 677 ++++ .../v1.BrokerTemplateInstance.adoc | 691 ++++ .../v1.Template.adoc | 1049 ++++++ .../v1.TemplateInstance.adoc | 1207 +++++++ rest_api/apis-user.openshift.io/v1.Group.adoc | 674 ++++ .../apis-user.openshift.io/v1.Identity.adoc | 684 ++++ rest_api/apis-user.openshift.io/v1.User.adoc | 677 ++++ .../v1.UserIdentityMapping.adoc | 442 +++ rest_api/apis/v1.APIGroup.adoc | 982 ++++++ rest_api/apis/v1.APIGroupList.adoc | 83 + rest_api/examples.adoc | 128 + rest_api/index.adoc | 6 +- .../oapi/v1.AppliedClusterResourceQuota.adoc | 296 ++ rest_api/oapi/v1.Build.adoc | 1429 ++++++++ rest_api/oapi/v1.BuildConfig.adoc | 1389 ++++++++ rest_api/oapi/v1.ClusterNetwork.adoc | 676 ++++ rest_api/oapi/v1.ClusterResourceQuota.adoc | 907 +++++ rest_api/oapi/v1.ClusterRole.adoc | 515 +++ rest_api/oapi/v1.ClusterRoleBinding.adoc | 522 +++ rest_api/oapi/v1.DeploymentConfig.adoc | 2467 +++++++++++++ .../oapi/v1.DeploymentConfigRollback.adoc | 193 ++ rest_api/oapi/v1.EgressNetworkPolicy.adoc | 889 +++++ rest_api/oapi/v1.Group.adoc | 674 ++++ rest_api/oapi/v1.HostSubnet.adoc | 675 ++++ rest_api/oapi/v1.Identity.adoc | 684 ++++ rest_api/oapi/v1.Image.adoc | 776 +++++ rest_api/oapi/v1.ImageSignature.adoc | 241 ++ rest_api/oapi/v1.ImageStream.adoc | 1191 +++++++ rest_api/oapi/v1.ImageStreamImage.adoc | 326 ++ rest_api/oapi/v1.ImageStreamImport.adoc | 821 +++++ rest_api/oapi/v1.ImageStreamMapping.adoc | 420 +++ rest_api/oapi/v1.ImageStreamTag.adoc | 826 +++++ .../oapi/v1.LocalResourceAccessReview.adoc | 186 + .../oapi/v1.LocalSubjectAccessReview.adoc | 191 + rest_api/oapi/v1.NetNamespace.adoc | 674 ++++ rest_api/oapi/v1.OAuthAccessToken.adoc | 681 ++++ rest_api/oapi/v1.OAuthAuthorizeToken.adoc | 682 ++++ rest_api/oapi/v1.OAuthClient.adoc | 691 ++++ .../oapi/v1.OAuthClientAuthorization.adoc | 677 ++++ rest_api/oapi/v1.PodSecurityPolicyReview.adoc | 1511 ++++++++ ...v1.PodSecurityPolicySelfSubjectReview.adoc | 1507 ++++++++ .../v1.PodSecurityPolicySubjectReview.adoc | 1510 ++++++++ rest_api/oapi/v1.ProcessedTemplate.adoc | 263 ++ rest_api/oapi/v1.Project.adoc | 604 ++++ rest_api/oapi/v1.ProjectRequest.adoc | 223 ++ rest_api/oapi/v1.ResourceAccessReview.adoc | 186 + rest_api/oapi/v1.Role.adoc | 657 ++++ rest_api/oapi/v1.RoleBinding.adoc | 664 ++++ rest_api/oapi/v1.RoleBindingRestriction.adoc | 914 +++++ rest_api/oapi/v1.Route.adoc | 1132 ++++++ rest_api/oapi/v1.SelfSubjectRulesReview.adoc | 194 ++ rest_api/oapi/v1.SubjectAccessReview.adoc | 191 + rest_api/oapi/v1.SubjectRulesReview.adoc | 197 ++ rest_api/oapi/v1.Template.adoc | 902 +++++ rest_api/oapi/v1.User.adoc | 677 ++++ rest_api/oapi/v1.UserIdentityMapping.adoc | 442 +++ rest_api/revhistory_rest_api.adoc | 31 +- 146 files changed, 118882 insertions(+), 215 deletions(-) create mode 100644 rest_api/api/v1.APIResourceList.adoc create mode 100644 rest_api/api/v1.APIVersions.adoc create mode 100644 rest_api/api/v1.Binding.adoc create mode 100644 rest_api/api/v1.ComponentStatus.adoc create mode 100644 rest_api/api/v1.ConfigMap.adoc create mode 100644 rest_api/api/v1.Endpoints.adoc create mode 100644 rest_api/api/v1.Event.adoc create mode 100644 rest_api/api/v1.LimitRange.adoc create mode 100644 rest_api/api/v1.Namespace.adoc create mode 100644 rest_api/api/v1.Node.adoc create mode 100644 rest_api/api/v1.PersistentVolume.adoc create mode 100644 rest_api/api/v1.PersistentVolumeClaim.adoc create mode 100644 rest_api/api/v1.Pod.adoc create mode 100644 rest_api/api/v1.PodTemplate.adoc create mode 100644 rest_api/api/v1.ReplicationController.adoc create mode 100644 rest_api/api/v1.ResourceQuota.adoc create mode 100644 rest_api/api/v1.Secret.adoc create mode 100644 rest_api/api/v1.SecurityContextConstraints.adoc create mode 100644 rest_api/api/v1.Service.adoc create mode 100644 rest_api/api/v1.ServiceAccount.adoc create mode 100644 rest_api/apis-apps.openshift.io/v1.DeploymentConfig.adoc create mode 100644 rest_api/apis-apps/v1beta1.ControllerRevision.adoc create mode 100644 rest_api/apis-apps/v1beta1.Deployment.adoc create mode 100644 rest_api/apis-apps/v1beta1.StatefulSet.adoc create mode 100644 rest_api/apis-authentication.k8s.io/v1.TokenReview.adoc create mode 100644 rest_api/apis-authentication.k8s.io/v1beta1.TokenReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1.LocalSubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1.SelfSubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1.SubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1beta1.LocalSubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1beta1.SelfSubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.k8s.io/v1beta1.SubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.ClusterRole.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.ClusterRoleBinding.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.LocalResourceAccessReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.LocalSubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.ResourceAccessReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.Role.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.RoleBinding.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.RoleBindingRestriction.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.SelfSubjectRulesReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.SubjectAccessReview.adoc create mode 100644 rest_api/apis-authorization.openshift.io/v1.SubjectRulesReview.adoc create mode 100644 rest_api/apis-autoscaling/v1.HorizontalPodAutoscaler.adoc create mode 100644 rest_api/apis-batch/v1.Job.adoc create mode 100644 rest_api/apis-batch/v2alpha1.CronJob.adoc create mode 100644 rest_api/apis-batch/v2alpha1.ScheduledJob.adoc create mode 100644 rest_api/apis-build.openshift.io/v1.Build.adoc create mode 100644 rest_api/apis-build.openshift.io/v1.BuildConfig.adoc create mode 100644 rest_api/apis-certificates.k8s.io/v1beta1.CertificateSigningRequest.adoc create mode 100644 rest_api/apis-extensions/v1beta1.DaemonSet.adoc create mode 100644 rest_api/apis-extensions/v1beta1.Deployment.adoc create mode 100644 rest_api/apis-extensions/v1beta1.Ingress.adoc create mode 100644 rest_api/apis-extensions/v1beta1.NetworkPolicy.adoc create mode 100644 rest_api/apis-extensions/v1beta1.PodSecurityPolicy.adoc create mode 100644 rest_api/apis-extensions/v1beta1.ReplicaSet.adoc create mode 100644 rest_api/apis-extensions/v1beta1.ThirdPartyResource.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.Image.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageSignature.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageStream.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageStreamImage.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageStreamImport.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageStreamMapping.adoc create mode 100644 rest_api/apis-image.openshift.io/v1.ImageStreamTag.adoc create mode 100644 rest_api/apis-network.openshift.io/v1.ClusterNetwork.adoc create mode 100644 rest_api/apis-network.openshift.io/v1.EgressNetworkPolicy.adoc create mode 100644 rest_api/apis-network.openshift.io/v1.HostSubnet.adoc create mode 100644 rest_api/apis-network.openshift.io/v1.NetNamespace.adoc create mode 100644 rest_api/apis-networking.k8s.io/v1.NetworkPolicy.adoc create mode 100644 rest_api/apis-oauth.openshift.io/v1.OAuthAccessToken.adoc create mode 100644 rest_api/apis-oauth.openshift.io/v1.OAuthAuthorizeToken.adoc create mode 100644 rest_api/apis-oauth.openshift.io/v1.OAuthClient.adoc create mode 100644 rest_api/apis-oauth.openshift.io/v1.OAuthClientAuthorization.adoc create mode 100644 rest_api/apis-policy/v1beta1.PodDisruptionBudget.adoc create mode 100644 rest_api/apis-project.openshift.io/v1.Project.adoc create mode 100644 rest_api/apis-project.openshift.io/v1.ProjectRequest.adoc create mode 100644 rest_api/apis-quota.openshift.io/v1.AppliedClusterResourceQuota.adoc create mode 100644 rest_api/apis-quota.openshift.io/v1.ClusterResourceQuota.adoc create mode 100644 rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRole.adoc create mode 100644 rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRoleBinding.adoc create mode 100644 rest_api/apis-rbac.authorization.k8s.io/v1beta1.Role.adoc create mode 100644 rest_api/apis-rbac.authorization.k8s.io/v1beta1.RoleBinding.adoc create mode 100644 rest_api/apis-route.openshift.io/v1.Route.adoc create mode 100644 rest_api/apis-security.openshift.io/v1.PodSecurityPolicyReview.adoc create mode 100644 rest_api/apis-security.openshift.io/v1.PodSecurityPolicySelfSubjectReview.adoc create mode 100644 rest_api/apis-security.openshift.io/v1.PodSecurityPolicySubjectReview.adoc create mode 100644 rest_api/apis-security.openshift.io/v1.SecurityContextConstraints.adoc create mode 100644 rest_api/apis-storage.k8s.io/v1.StorageClass.adoc create mode 100644 rest_api/apis-storage.k8s.io/v1beta1.StorageClass.adoc create mode 100644 rest_api/apis-template.openshift.io/v1.BrokerTemplateInstance.adoc create mode 100644 rest_api/apis-template.openshift.io/v1.Template.adoc create mode 100644 rest_api/apis-template.openshift.io/v1.TemplateInstance.adoc create mode 100644 rest_api/apis-user.openshift.io/v1.Group.adoc create mode 100644 rest_api/apis-user.openshift.io/v1.Identity.adoc create mode 100644 rest_api/apis-user.openshift.io/v1.User.adoc create mode 100644 rest_api/apis-user.openshift.io/v1.UserIdentityMapping.adoc create mode 100644 rest_api/apis/v1.APIGroup.adoc create mode 100644 rest_api/apis/v1.APIGroupList.adoc create mode 100644 rest_api/examples.adoc create mode 100644 rest_api/oapi/v1.AppliedClusterResourceQuota.adoc create mode 100644 rest_api/oapi/v1.Build.adoc create mode 100644 rest_api/oapi/v1.BuildConfig.adoc create mode 100644 rest_api/oapi/v1.ClusterNetwork.adoc create mode 100644 rest_api/oapi/v1.ClusterResourceQuota.adoc create mode 100644 rest_api/oapi/v1.ClusterRole.adoc create mode 100644 rest_api/oapi/v1.ClusterRoleBinding.adoc create mode 100644 rest_api/oapi/v1.DeploymentConfig.adoc create mode 100644 rest_api/oapi/v1.DeploymentConfigRollback.adoc create mode 100644 rest_api/oapi/v1.EgressNetworkPolicy.adoc create mode 100644 rest_api/oapi/v1.Group.adoc create mode 100644 rest_api/oapi/v1.HostSubnet.adoc create mode 100644 rest_api/oapi/v1.Identity.adoc create mode 100644 rest_api/oapi/v1.Image.adoc create mode 100644 rest_api/oapi/v1.ImageSignature.adoc create mode 100644 rest_api/oapi/v1.ImageStream.adoc create mode 100644 rest_api/oapi/v1.ImageStreamImage.adoc create mode 100644 rest_api/oapi/v1.ImageStreamImport.adoc create mode 100644 rest_api/oapi/v1.ImageStreamMapping.adoc create mode 100644 rest_api/oapi/v1.ImageStreamTag.adoc create mode 100644 rest_api/oapi/v1.LocalResourceAccessReview.adoc create mode 100644 rest_api/oapi/v1.LocalSubjectAccessReview.adoc create mode 100644 rest_api/oapi/v1.NetNamespace.adoc create mode 100644 rest_api/oapi/v1.OAuthAccessToken.adoc create mode 100644 rest_api/oapi/v1.OAuthAuthorizeToken.adoc create mode 100644 rest_api/oapi/v1.OAuthClient.adoc create mode 100644 rest_api/oapi/v1.OAuthClientAuthorization.adoc create mode 100644 rest_api/oapi/v1.PodSecurityPolicyReview.adoc create mode 100644 rest_api/oapi/v1.PodSecurityPolicySelfSubjectReview.adoc create mode 100644 rest_api/oapi/v1.PodSecurityPolicySubjectReview.adoc create mode 100644 rest_api/oapi/v1.ProcessedTemplate.adoc create mode 100644 rest_api/oapi/v1.Project.adoc create mode 100644 rest_api/oapi/v1.ProjectRequest.adoc create mode 100644 rest_api/oapi/v1.ResourceAccessReview.adoc create mode 100644 rest_api/oapi/v1.Role.adoc create mode 100644 rest_api/oapi/v1.RoleBinding.adoc create mode 100644 rest_api/oapi/v1.RoleBindingRestriction.adoc create mode 100644 rest_api/oapi/v1.Route.adoc create mode 100644 rest_api/oapi/v1.SelfSubjectRulesReview.adoc create mode 100644 rest_api/oapi/v1.SubjectAccessReview.adoc create mode 100644 rest_api/oapi/v1.SubjectRulesReview.adoc create mode 100644 rest_api/oapi/v1.Template.adoc create mode 100644 rest_api/oapi/v1.User.adoc create mode 100644 rest_api/oapi/v1.UserIdentityMapping.adoc diff --git a/_topic_map.yml b/_topic_map.yml index 40bb623de759..2957e48beae4 100644 --- a/_topic_map.yml +++ b/_topic_map.yml @@ -118,12 +118,12 @@ Topics: - Name: Administrators Dir: administrators Topics: - - Name: Overview - File: index - - Name: System Configuration - File: system_configuration - - Name: Uninstall - File: uninstall + - Name: Overview + File: index + - Name: System Configuration + File: system_configuration + - Name: Uninstall + File: uninstall --- Name: Architecture Dir: architecture @@ -133,99 +133,99 @@ Topics: - Name: Infrastructure Components Dir: infrastructure_components Topics: - - Name: Kubernetes Infrastructure - File: kubernetes_infrastructure - Distros: openshift-* - - Name: Image Registry - File: image_registry - - Name: Web Console - File: web_console - Distros: openshift-* + - Name: Kubernetes Infrastructure + File: kubernetes_infrastructure + Distros: openshift-* + - Name: Image Registry + File: image_registry + - Name: Web Console + File: web_console + Distros: openshift-* - Name: Core Concepts Dir: core_concepts Topics: - - Name: Overview - File: index - Distros: openshift-* - - Name: Containers and Images - File: containers_and_images - Distros: openshift-* - - Name: Images - File: containers_and_images - Distros: atomic-* - - Name: Pods and Services - File: pods_and_services - Distros: openshift-* - - Name: Projects and Users - File: projects_and_users - - Name: Builds and Image Streams - File: builds_and_image_streams - Distros: openshift-* - - Name: Image Streams - File: builds_and_image_streams - Distros: atomic-* - - Name: Deployments - File: deployments - Distros: openshift-* - - Name: Templates - File: templates - Alias: dev_guide/templates - Distros: openshift-* + - Name: Overview + File: index + Distros: openshift-* + - Name: Containers and Images + File: containers_and_images + Distros: openshift-* + - Name: Images + File: containers_and_images + Distros: atomic-* + - Name: Pods and Services + File: pods_and_services + Distros: openshift-* + - Name: Projects and Users + File: projects_and_users + - Name: Builds and Image Streams + File: builds_and_image_streams + Distros: openshift-* + - Name: Image Streams + File: builds_and_image_streams + Distros: atomic-* + - Name: Deployments + File: deployments + Distros: openshift-* + - Name: Templates + File: templates + Alias: dev_guide/templates + Distros: openshift-* - Name: Additional Concepts Dir: additional_concepts Topics: - - Name: Authentication - File: authentication - - Name: Authorization - File: authorization - - Name: Persistent Storage - File: storage - Distros: openshift-* - - Name: Source Control Management - File: scm - Distros: openshift-* - - Name: Admission Controllers - File: admission_controllers - Distros: openshift-enterprise,openshift-origin,openshift-dedicated - - Name: Other API Objects - File: other_api_objects + - Name: Authentication + File: authentication + - Name: Authorization + File: authorization + - Name: Persistent Storage + File: storage + Distros: openshift-* + - Name: Source Control Management + File: scm + Distros: openshift-* + - Name: Admission Controllers + File: admission_controllers + Distros: openshift-enterprise,openshift-origin,openshift-dedicated + - Name: Other API Objects + File: other_api_objects - Name: Networking Dir: networking Topics: - - Name: Networking - File: networking - Distros: openshift-* - - Name: OpenShift SDN - File: sdn - Distros: openshift-* - - Name: Network Plug-ins - File: network_plugins - Distros: openshift-* - - Name: Port Forwarding - File: port_forwarding - Distros: openshift-* - - Name: Remote Commands - File: remote_commands - Distros: openshift-* - - Name: HAProxy Router Plug-in - File: haproxy-router - Distros: openshift-* - - Name: Routes - File: routes - Distros: openshift-* + - Name: Networking + File: networking + Distros: openshift-* + - Name: OpenShift SDN + File: sdn + Distros: openshift-* + - Name: Network Plug-ins + File: network_plugins + Distros: openshift-* + - Name: Port Forwarding + File: port_forwarding + Distros: openshift-* + - Name: Remote Commands + File: remote_commands + Distros: openshift-* + - Name: HAProxy Router Plug-in + File: haproxy-router + Distros: openshift-* + - Name: Routes + File: routes + Distros: openshift-* - Name: Service Catalog Components Dir: service_catalog Distros: openshift-enterprise,openshift-origin Topics: - - Name: Service Catalog - File: index - - Name: Template Service Broker - File: template_service_broker - - Name: OpenShift Ansible Broker - File: ansible_service_broker - - Name: Revision History - File: revhistory_architecture - Distros: openshift-enterprise,openshift-dedicated + - Name: Service Catalog + File: index + - Name: Template Service Broker + File: template_service_broker + - Name: OpenShift Ansible Broker + File: ansible_service_broker +- Name: Revision History + File: revhistory_architecture + Distros: openshift-enterprise,openshift-dedicated --- Name: Container Security Guide Dir: security @@ -444,6 +444,70 @@ Topics: Dir: storage_examples Distros: openshift-origin,openshift-enterprise Topics: + - Name: Overview + File: index + - Name: Sharing an NFS PV Across Two Pods + File: shared_storage + - Name: Complete Example Using Ceph RBD + File: ceph_example + - Name: Complete Example Using Ceph RBD for Dynamic Provisioning + File: ceph_rbd_dynamic_example + - Name: Complete Example Using GlusterFS + File: gluster_example + - Name: Dynamic Provisioning Example Using Containerized GlusterFS + File: gluster_dynamic_example + - Name: Dynamic Provisioning Example Using Dedicated GlusterFS + File: dedicated_gluster_dynamic_example + - Name: Containerized Heketi for Managing Dedicated GlusterFS + File: containerized_heketi_with_dedicated_gluster + - Name: Mounting Volumes To Privileged Pods + File: privileged_pod_storage + - Name: Backing Docker Registry with GlusterFS Storage + File: gluster_backed_registry + - Name: Binding Persistent Volumes by Label + File: binding_pv_by_label + - Name: Using StorageClasses for Dynamic Provisioning + File: storage_classes_dynamic_provisioning + - Name: Using StorageClasses for Existing Legacy Storage + File: storage_classes_legacy + - Name: Configuring Azure Blob Storage for Integrated Docker Registry + File: azure_blob_docker_registry_example +- Name: Working with HTTP Proxies + File: http_proxies + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Global Build Defaults and Overrides + File: build_defaults_overrides + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Pipeline Execution + File: configuring_pipeline_execution + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Route Timeouts + File: configuring_routing + Distros: openshift-origin,openshift-enterprise +- Name: Configuring Native Container Routing + File: configuring_native_container_routing + Distros: openshift-origin,openshift-enterprise +- Name: Routing from Edge Load Balancers + File: routing_from_edge_lb + Distros: openshift-origin,openshift-enterprise +- Name: Aggregating Container Logs + File: aggregate_logging + Distros: openshift-origin,openshift-enterprise +- Name: Aggregate Logging Sizing Guidelines + File: aggregate_logging_sizing + Distros: openshift-origin,openshift-enterprise +- Name: Enabling Cluster Metrics + File: cluster_metrics + Distros: openshift-origin,openshift-enterprise +- Name: Customizing the Web Console + File: web_console_customization + Distros: openshift-origin,openshift-enterprise,atomic-* +- Name: Deploying External Persistent Volume Provisioners + File: provisioners + Distros: openshift-origin,openshift-enterprise +- Name: Revision History + File: revhistory_install_config + Distros: openshift-enterprise --- Name: Cluster Administration Dir: admin_guide @@ -577,12 +641,12 @@ Topics: - Name: Application Life Cycle Management Dir: application_lifecycle Topics: - - Name: Planning Your Development Process - File: development_process - - Name: Creating New Applications - File: new_app - - Name: Promoting Applications Across Environments - File: promoting_applications + - Name: Planning Your Development Process + File: development_process + - Name: Creating New Applications + File: new_app + - Name: Promoting Applications Across Environments + File: promoting_applications - Name: Authentication File: authentication - Name: Authorization @@ -592,76 +656,76 @@ Topics: - Name: Migrating Applications Dir: migrating_applications Topics: - - Name: Overview - File: index - - Name: Database Applications - File: database_applications - - Name: Web Framework Applications - File: web_framework_applications - - Name: QuickStart Examples - File: quickstart_examples - - Name: Continuous Integration and Deployment - File: continuous_integration_and_deployment - - Name: Webhooks and Action Hooks - File: web_hooks_action_hooks - - Name: S2I Tool - File: S2I_tool - - Name: Support Guide - File: support_guide + - Name: Overview + File: index + - Name: Database Applications + File: database_applications + - Name: Web Framework Applications + File: web_framework_applications + - Name: QuickStart Examples + File: quickstart_examples + - Name: Continuous Integration and Deployment + File: continuous_integration_and_deployment + - Name: Webhooks and Action Hooks + File: web_hooks_action_hooks + - Name: S2I Tool + File: S2I_tool + - Name: Support Guide + File: support_guide - Name: Tutorials Dir: dev_tutorials Topics: - - Name: Overview - File: index - - Name: Quickstart Templates - File: quickstarts - - Name: Ruby on Rails - File: ruby_on_rails - - Name: Setting Up a Nexus Mirror - File: maven_tutorial - - Name: OpenShift Pipeline Builds - File: openshift_pipeline - - Name: Binary Builds - File: binary_builds + - Name: Overview + File: index + - Name: Quickstart Templates + File: quickstarts + - Name: Ruby on Rails + File: ruby_on_rails + - Name: Setting Up a Nexus Mirror + File: maven_tutorial + - Name: OpenShift Pipeline Builds + File: openshift_pipeline + - Name: Binary Builds + File: binary_builds - Name: Builds Dir: builds Topics: - - Name: How Builds Work - File: index - - Name: Basic Build Operations - File: basic_build_operations - - Name: Build Inputs - File: build_inputs - - Name: Build Output - File: build_output - - Name: Build Strategy Options - File: build_strategies - - Name: Build Environment - File: build_environment - - Name: Triggering Builds - File: triggering_builds - - Name: Build Hooks - File: build_hooks - - Name: Build Run Policy - File: build_run_policy - - Name: Advanced Build Operations - File: advanced_build_operations - - Name: Troubleshooting - File: build_troubleshooting + - Name: How Builds Work + File: index + - Name: Basic Build Operations + File: basic_build_operations + - Name: Build Inputs + File: build_inputs + - Name: Build Output + File: build_output + - Name: Build Strategy Options + File: build_strategies + - Name: Build Environment + File: build_environment + - Name: Triggering Builds + File: triggering_builds + - Name: Build Hooks + File: build_hooks + - Name: Build Run Policy + File: build_run_policy + - Name: Advanced Build Operations + File: advanced_build_operations + - Name: Troubleshooting + File: build_troubleshooting - Name: Deployments Dir: deployments Topics: - - Name: How Deployments Work - File: how_deployments_work - - Name: Basic Deployment Operations - File: basic_deployment_operations - - Name: Deployment Strategies - File: deployment_strategies - - Name: Advanced Deployment Strategies - File: advanced_deployment_strategies - - Name: Kubernetes Deployments Support - File: kubernetes_deployments - Distros: openshift-enterprise,openshift-origin,openshift-dedicated + - Name: How Deployments Work + File: how_deployments_work + - Name: Basic Deployment Operations + File: basic_deployment_operations + - Name: Deployment Strategies + File: deployment_strategies + - Name: Advanced Deployment Strategies + File: advanced_deployment_strategies + - Name: Kubernetes Deployments Support + File: kubernetes_deployments + Distros: openshift-enterprise,openshift-origin,openshift-dedicated - Name: Templates File: templates - Name: Opening a Remote Shell to Containers @@ -756,57 +820,57 @@ Topics: - Name: Source-to-Image (S2I) Dir: s2i_images Topics: - - Name: Overview - File: index - - Name: Java - File: java - Distros: openshift-origin,openshift-online - - Name: .NET Core - File: dot_net_core - Distros: openshift-online,openshift-enterprise,openshift-dedicated - - Name: Node.js - File: nodejs - - Name: Perl - File: perl - - Name: PHP - File: php - - Name: Python - File: python - - Name: Ruby - File: ruby - - Name: Customizing S2I Images - File: customizing_s2i_images + - Name: Overview + File: index + - Name: Java + File: java + Distros: openshift-origin,openshift-online + - Name: .NET Core + File: dot_net_core + Distros: openshift-online,openshift-enterprise,openshift-dedicated + - Name: Node.js + File: nodejs + - Name: Perl + File: perl + - Name: PHP + File: php + - Name: Python + File: python + - Name: Ruby + File: ruby + - Name: Customizing S2I Images + File: customizing_s2i_images - Name: Database Images Dir: db_images Topics: - - Name: Overview - File: index - - Name: MySQL - File: mysql - - Name: PostgreSQL - File: postgresql - - Name: MongoDB - File: mongodb - - Name: MariaDB - File: mariadb + - Name: Overview + File: index + - Name: MySQL + File: mysql + - Name: PostgreSQL + File: postgresql + - Name: MongoDB + File: mongodb + - Name: MariaDB + File: mariadb - Name: Docker Images Dir: docker_images Topics: - - Name: Overview - File: index + - Name: Overview + File: index - Name: Other Images Dir: other_images Topics: - - Name: Overview - File: index - - Name: Jenkins - File: jenkins + - Name: Overview + File: index + - Name: Jenkins + File: jenkins - Name: xPaaS Middleware Images Dir: xpaas_images Distros: openshift-online,openshift-enterprise,openshift-dedicated Topics: - - Name: Overview - File: index + - Name: Overview + File: index - Name: Revision History File: revhistory_using_images Distros: openshift-enterprise,openshift-dedicated @@ -816,10 +880,382 @@ Dir: rest_api Topics: - Name: Overview File: index -- Name: OpenShift v1 - File: openshift_v1 -- Name: Kubernetes v1 - File: kubernetes_v1 +- Name: Examples + File: examples - Name: Revision History File: revhistory_rest_api Distros: openshift-enterprise,openshift-dedicated +- Name: /api/v1 + Dir: api + Topics: + - Name: v1.APIResourceList + File: v1.APIResourceList + - Name: v1.APIVersions + File: v1.APIVersions + - Name: v1.Binding + File: v1.Binding + - Name: v1.ComponentStatus + File: v1.ComponentStatus + - Name: v1.ConfigMap + File: v1.ConfigMap + - Name: v1.Endpoints + File: v1.Endpoints + - Name: v1.Event + File: v1.Event + - Name: v1.LimitRange + File: v1.LimitRange + - Name: v1.Namespace + File: v1.Namespace + - Name: v1.Node + File: v1.Node + - Name: v1.PersistentVolume + File: v1.PersistentVolume + - Name: v1.PersistentVolumeClaim + File: v1.PersistentVolumeClaim + - Name: v1.Pod + File: v1.Pod + - Name: v1.PodTemplate + File: v1.PodTemplate + - Name: v1.ReplicationController + File: v1.ReplicationController + - Name: v1.ResourceQuota + File: v1.ResourceQuota + - Name: v1.Secret + File: v1.Secret + - Name: v1.SecurityContextConstraints + File: v1.SecurityContextConstraints + - Name: v1.Service + File: v1.Service + - Name: v1.ServiceAccount + File: v1.ServiceAccount +- Name: /apis/v1 + Dir: apis + Topics: + - Name: v1.APIGroup + File: v1.APIGroup + - Name: v1.APIGroupList + File: v1.APIGroupList +- Name: /apis/apps/v1beta1 + Dir: apis-apps + Topics: + - Name: v1beta1.ControllerRevision + File: v1beta1.ControllerRevision + - Name: v1beta1.Deployment + File: v1beta1.Deployment + - Name: v1beta1.StatefulSet + File: v1beta1.StatefulSet +- Name: /apis/autoscaling/v1 + Dir: apis-autoscaling + Topics: + - Name: v1.HorizontalPodAutoscaler + File: v1.HorizontalPodAutoscaler +- Name: /apis/batch/v1 + Dir: apis-batch + Topics: + - Name: v1.Job + File: v1.Job +- Name: /apis/batch/v2alpha1 + Dir: apis-batch + Topics: + - Name: v2alpha1.CronJob + File: v2alpha1.CronJob + - Name: v2alpha1.ScheduledJob + File: v2alpha1.ScheduledJob +- Name: /apis/extensions/v1beta1 + Dir: apis-extensions + Topics: + - Name: v1beta1.DaemonSet + File: v1beta1.DaemonSet + - Name: v1beta1.Deployment + File: v1beta1.Deployment + - Name: v1beta1.Ingress + File: v1beta1.Ingress + - Name: v1beta1.NetworkPolicy + File: v1beta1.NetworkPolicy + - Name: v1beta1.PodSecurityPolicy + File: v1beta1.PodSecurityPolicy + - Name: v1beta1.ReplicaSet + File: v1beta1.ReplicaSet + - Name: v1beta1.ThirdPartyResource + File: v1beta1.ThirdPartyResource +- Name: /apis/policy/v1beta1 + Dir: apis-policy + Topics: + - Name: v1beta1.PodDisruptionBudget + File: v1beta1.PodDisruptionBudget +- Name: /apis/authentication.k8s.io/v1 + Dir: apis-authentication.k8s.io + Topics: + - Name: v1.TokenReview + File: v1.TokenReview +- Name: /apis/authentication.k8s.io/v1beta1 + Dir: apis-authentication.k8s.io + Topics: + - Name: v1beta1.TokenReview + File: v1beta1.TokenReview +- Name: /apis/authorization.k8s.io/v1 + Dir: apis-authorization.k8s.io + Topics: + - Name: v1.LocalSubjectAccessReview + File: v1.LocalSubjectAccessReview + - Name: v1.SelfSubjectAccessReview + File: v1.SelfSubjectAccessReview + - Name: v1.SubjectAccessReview + File: v1.SubjectAccessReview +- Name: /apis/authorization.k8s.io/v1beta1 + Dir: apis-authorization.k8s.io + Topics: + - Name: v1beta1.LocalSubjectAccessReview + File: v1beta1.LocalSubjectAccessReview + - Name: v1beta1.SelfSubjectAccessReview + File: v1beta1.SelfSubjectAccessReview + - Name: v1beta1.SubjectAccessReview + File: v1beta1.SubjectAccessReview +- Name: /apis/rbac.authorization.k8s.io/v1beta1 + Dir: apis-rbac.authorization.k8s.io + Topics: + - Name: v1beta1.ClusterRole + File: v1beta1.ClusterRole + - Name: v1beta1.ClusterRoleBinding + File: v1beta1.ClusterRoleBinding + - Name: v1beta1.Role + File: v1beta1.Role + - Name: v1beta1.RoleBinding + File: v1beta1.RoleBinding +- Name: /apis/certificates.k8s.io/v1beta1 + Dir: apis-certificates.k8s.io + Topics: + - Name: v1beta1.CertificateSigningRequest + File: v1beta1.CertificateSigningRequest +- Name: /apis/networking.k8s.io/v1 + Dir: apis-networking.k8s.io + Topics: + - Name: v1.NetworkPolicy + File: v1.NetworkPolicy +- Name: /apis/storage.k8s.io/v1 + Dir: apis-storage.k8s.io + Topics: + - Name: v1.StorageClass + File: v1.StorageClass +- Name: /apis/storage.k8s.io/v1beta1 + Dir: apis-storage.k8s.io + Topics: + - Name: v1beta1.StorageClass + File: v1beta1.StorageClass +- Name: /apis/apps.openshift.io/v1 + Dir: apis-apps.openshift.io + Topics: + - Name: v1.DeploymentConfig + File: v1.DeploymentConfig +- Name: /apis/authorization.openshift.io/v1 + Dir: apis-authorization.openshift.io + Topics: + - Name: v1.ClusterRole + File: v1.ClusterRole + - Name: v1.ClusterRoleBinding + File: v1.ClusterRoleBinding + - Name: v1.LocalResourceAccessReview + File: v1.LocalResourceAccessReview + - Name: v1.LocalSubjectAccessReview + File: v1.LocalSubjectAccessReview + - Name: v1.ResourceAccessReview + File: v1.ResourceAccessReview + - Name: v1.Role + File: v1.Role + - Name: v1.RoleBinding + File: v1.RoleBinding + - Name: v1.RoleBindingRestriction + File: v1.RoleBindingRestriction + - Name: v1.SelfSubjectRulesReview + File: v1.SelfSubjectRulesReview + - Name: v1.SubjectAccessReview + File: v1.SubjectAccessReview + - Name: v1.SubjectRulesReview + File: v1.SubjectRulesReview +- Name: /apis/build.openshift.io/v1 + Dir: apis-build.openshift.io + Topics: + - Name: v1.Build + File: v1.Build + - Name: v1.BuildConfig + File: v1.BuildConfig +- Name: /apis/image.openshift.io/v1 + Dir: apis-image.openshift.io + Topics: + - Name: v1.Image + File: v1.Image + - Name: v1.ImageSignature + File: v1.ImageSignature + - Name: v1.ImageStream + File: v1.ImageStream + - Name: v1.ImageStreamImage + File: v1.ImageStreamImage + - Name: v1.ImageStreamImport + File: v1.ImageStreamImport + - Name: v1.ImageStreamMapping + File: v1.ImageStreamMapping + - Name: v1.ImageStreamTag + File: v1.ImageStreamTag +- Name: /apis/network.openshift.io/v1 + Dir: apis-network.openshift.io + Topics: + - Name: v1.ClusterNetwork + File: v1.ClusterNetwork + - Name: v1.EgressNetworkPolicy + File: v1.EgressNetworkPolicy + - Name: v1.HostSubnet + File: v1.HostSubnet + - Name: v1.NetNamespace + File: v1.NetNamespace +- Name: /apis/oauth.openshift.io/v1 + Dir: apis-oauth.openshift.io + Topics: + - Name: v1.OAuthAccessToken + File: v1.OAuthAccessToken + - Name: v1.OAuthAuthorizeToken + File: v1.OAuthAuthorizeToken + - Name: v1.OAuthClient + File: v1.OAuthClient + - Name: v1.OAuthClientAuthorization + File: v1.OAuthClientAuthorization +- Name: /apis/project.openshift.io/v1 + Dir: apis-project.openshift.io + Topics: + - Name: v1.Project + File: v1.Project + - Name: v1.ProjectRequest + File: v1.ProjectRequest +- Name: /apis/quota.openshift.io/v1 + Dir: apis-quota.openshift.io + Topics: + - Name: v1.AppliedClusterResourceQuota + File: v1.AppliedClusterResourceQuota + - Name: v1.ClusterResourceQuota + File: v1.ClusterResourceQuota +- Name: /apis/route.openshift.io/v1 + Dir: apis-route.openshift.io + Topics: + - Name: v1.Route + File: v1.Route +- Name: /apis/security.openshift.io/v1 + Dir: apis-security.openshift.io + Topics: + - Name: v1.PodSecurityPolicyReview + File: v1.PodSecurityPolicyReview + - Name: v1.PodSecurityPolicySelfSubjectReview + File: v1.PodSecurityPolicySelfSubjectReview + - Name: v1.PodSecurityPolicySubjectReview + File: v1.PodSecurityPolicySubjectReview + - Name: v1.SecurityContextConstraints + File: v1.SecurityContextConstraints +- Name: /apis/template.openshift.io/v1 + Dir: apis-template.openshift.io + Topics: + - Name: v1.BrokerTemplateInstance + File: v1.BrokerTemplateInstance + - Name: v1.Template + File: v1.Template + - Name: v1.TemplateInstance + File: v1.TemplateInstance +- Name: /apis/user.openshift.io/v1 + Dir: apis-user.openshift.io + Topics: + - Name: v1.Group + File: v1.Group + - Name: v1.Identity + File: v1.Identity + - Name: v1.User + File: v1.User + - Name: v1.UserIdentityMapping + File: v1.UserIdentityMapping +- Name: /oapi/v1 + Dir: oapi + Topics: + - Name: v1.AppliedClusterResourceQuota + File: v1.AppliedClusterResourceQuota + - Name: v1.Build + File: v1.Build + - Name: v1.BuildConfig + File: v1.BuildConfig + - Name: v1.ClusterNetwork + File: v1.ClusterNetwork + - Name: v1.ClusterResourceQuota + File: v1.ClusterResourceQuota + - Name: v1.ClusterRole + File: v1.ClusterRole + - Name: v1.ClusterRoleBinding + File: v1.ClusterRoleBinding + - Name: v1.DeploymentConfig + File: v1.DeploymentConfig + - Name: v1.DeploymentConfigRollback + File: v1.DeploymentConfigRollback + - Name: v1.EgressNetworkPolicy + File: v1.EgressNetworkPolicy + - Name: v1.Group + File: v1.Group + - Name: v1.HostSubnet + File: v1.HostSubnet + - Name: v1.Identity + File: v1.Identity + - Name: v1.Image + File: v1.Image + - Name: v1.ImageSignature + File: v1.ImageSignature + - Name: v1.ImageStream + File: v1.ImageStream + - Name: v1.ImageStreamImage + File: v1.ImageStreamImage + - Name: v1.ImageStreamImport + File: v1.ImageStreamImport + - Name: v1.ImageStreamMapping + File: v1.ImageStreamMapping + - Name: v1.ImageStreamTag + File: v1.ImageStreamTag + - Name: v1.LocalResourceAccessReview + File: v1.LocalResourceAccessReview + - Name: v1.LocalSubjectAccessReview + File: v1.LocalSubjectAccessReview + - Name: v1.NetNamespace + File: v1.NetNamespace + - Name: v1.OAuthAccessToken + File: v1.OAuthAccessToken + - Name: v1.OAuthAuthorizeToken + File: v1.OAuthAuthorizeToken + - Name: v1.OAuthClient + File: v1.OAuthClient + - Name: v1.OAuthClientAuthorization + File: v1.OAuthClientAuthorization + - Name: v1.PodSecurityPolicyReview + File: v1.PodSecurityPolicyReview + - Name: v1.PodSecurityPolicySelfSubjectReview + File: v1.PodSecurityPolicySelfSubjectReview + - Name: v1.PodSecurityPolicySubjectReview + File: v1.PodSecurityPolicySubjectReview + - Name: v1.ProcessedTemplate + File: v1.ProcessedTemplate + - Name: v1.Project + File: v1.Project + - Name: v1.ProjectRequest + File: v1.ProjectRequest + - Name: v1.ResourceAccessReview + File: v1.ResourceAccessReview + - Name: v1.Role + File: v1.Role + - Name: v1.RoleBinding + File: v1.RoleBinding + - Name: v1.RoleBindingRestriction + File: v1.RoleBindingRestriction + - Name: v1.Route + File: v1.Route + - Name: v1.SelfSubjectRulesReview + File: v1.SelfSubjectRulesReview + - Name: v1.SubjectAccessReview + File: v1.SubjectAccessReview + - Name: v1.SubjectRulesReview + File: v1.SubjectRulesReview + - Name: v1.Template + File: v1.Template + - Name: v1.User + File: v1.User + - Name: v1.UserIdentityMapping + File: v1.UserIdentityMapping diff --git a/rest_api/api/v1.APIResourceList.adoc b/rest_api/api/v1.APIResourceList.adoc new file mode 100644 index 000000000000..d7b4ac58c6e6 --- /dev/null +++ b/rest_api/api/v1.APIResourceList.adoc @@ -0,0 +1,1230 @@ += v1.APIResourceList +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groupVersion:
+
kind:
+
resources:
+
- categories:
+
- - [string]:
+
  kind:
+
  name:
+
  namespaced:
+
  shortNames:
+
  - [string]:
+
  singularName:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Get-api-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /api/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/apps/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authentication.k8s.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/authentication.k8s.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authentication.k8s.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authentication.k8s.io-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/authentication.k8s.io/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authentication.k8s.io/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.k8s.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/authorization.k8s.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.k8s.io-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/authorization.k8s.io/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-autoscaling-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/autoscaling/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/batch/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/batch/v2alpha1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-certificates.k8s.io-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/certificates.k8s.io/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/extensions/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-networking.k8s.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-policy-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/policy/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-project.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-route.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-security.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/security.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1beta1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1beta1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1]] +=== Get all APIResourceLists +Get available resources + +==== HTTP request +---- +GET /oapi/v1/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.APIVersions.adoc b/rest_api/api/v1.APIVersions.adoc new file mode 100644 index 000000000000..34b9e5d4e89f --- /dev/null +++ b/rest_api/api/v1.APIVersions.adoc @@ -0,0 +1,116 @@ += v1.APIVersions +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
serverAddressByClientCIDRs:
+
- clientCIDR:
+
  serverAddress:
+
versions:
+
- [string]:
+

+
+++++ + +== Operations + +[[Get-api]] +=== Get all APIVersions +Get available API versions + +==== HTTP request +---- +GET /api/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIVersions +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi]] +=== Get all APIVersions +Get available API versions + +==== HTTP request +---- +GET /oapi/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIVersions +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Binding.adoc b/rest_api/api/v1.Binding.adoc new file mode 100644 index 000000000000..fbb845330f17 --- /dev/null +++ b/rest_api/api/v1.Binding.adoc @@ -0,0 +1,252 @@ += v1.Binding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
target:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-api-v1-bindings]] +=== Create a Binding +Create a Binding + +==== HTTP request +---- +POST /api/v1/bindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/bindings <<'EOF' +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Binding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Binding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-bindings]] +=== Create a Binding in a namespace +Create a Binding + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/bindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/bindings <<'EOF' +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Binding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Binding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.ComponentStatus.adoc b/rest_api/api/v1.ComponentStatus.adoc new file mode 100644 index 000000000000..99795f276a24 --- /dev/null +++ b/rest_api/api/v1.ComponentStatus.adoc @@ -0,0 +1,209 @@ += v1.ComponentStatus +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ComponentStatus (and ComponentStatusList) holds the cluster validation info. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
conditions:
+
- error:
+
  message:
+
  status:
+
  type:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Get-api-v1-componentstatuses-name]] +=== Get a ComponentStatus +Read the specified ComponentStatus + +==== HTTP request +---- +GET /api/v1/componentstatuses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/componentstatuses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ComponentStatus +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ComponentStatus +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-componentstatuses]] +=== Get all ComponentStatuses +List objects of kind ComponentStatus + +==== HTTP request +---- +GET /api/v1/componentstatuses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/componentstatuses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ComponentStatusList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + + diff --git a/rest_api/api/v1.ConfigMap.adoc b/rest_api/api/v1.ConfigMap.adoc new file mode 100644 index 000000000000..ef4210a2e35f --- /dev/null +++ b/rest_api/api/v1.ConfigMap.adoc @@ -0,0 +1,885 @@ += v1.ConfigMap +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ConfigMap holds configuration data for pods to consume. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
data:
+
  [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-api-v1-configmaps]] +=== Create a ConfigMap +Create a ConfigMap + +==== HTTP request +---- +POST /api/v1/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/configmaps <<'EOF' +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ConfigMap +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMap +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-configmaps]] +=== Create a ConfigMap in a namespace +Create a ConfigMap + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps <<'EOF' +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ConfigMap +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMap +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-configmaps-name]] +=== Get a ConfigMap in a namespace +Read the specified ConfigMap + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/configmaps/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ConfigMap +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMap +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-configmaps]] +=== Get all ConfigMaps +List or watch objects of kind ConfigMap + +==== HTTP request +---- +GET /api/v1/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/configmaps +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMapList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-configmaps]] +=== Get all ConfigMaps in a namespace +List or watch objects of kind ConfigMap + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMapList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-configmaps-name]] +=== Watch a ConfigMap in a namespace +Watch changes to an object of kind ConfigMap + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/configmaps/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/configmaps/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ConfigMap +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-configmaps]] +=== Watch all ConfigMaps +Watch individual changes to a list of ConfigMap + +==== HTTP request +---- +GET /api/v1/watch/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/configmaps +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-configmaps]] +=== Watch all ConfigMaps in a namespace +Watch individual changes to a list of ConfigMap + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/configmaps +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-configmaps-name]] +=== Update a ConfigMap in a namespace +Replace the specified ConfigMap + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/configmaps/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps/$NAME <<'EOF' +{ + "kind": "ConfigMap", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ConfigMap +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ConfigMap +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMap +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-configmaps-name]] +=== Patch a ConfigMap in a namespace +Partially update the specified ConfigMap + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/configmaps/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ConfigMap +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ConfigMap +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-configmaps-name]] +=== Delete a ConfigMap in a namespace +Delete a ConfigMap + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/configmaps/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ConfigMap +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-configmaps]] +=== Delete all ConfigMaps in a namespace +Delete collection of ConfigMap + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/configmaps HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/configmaps +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Endpoints.adoc b/rest_api/api/v1.Endpoints.adoc new file mode 100644 index 000000000000..dd35f27c3f02 --- /dev/null +++ b/rest_api/api/v1.Endpoints.adoc @@ -0,0 +1,923 @@ += v1.Endpoints +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Endpoints is a collection of endpoints that implement the actual service. Example: + Name: "mysvc", + Subsets: [ + { + Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], + Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] + }, + { + Addresses: [{"ip": "10.10.3.3"}], + Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}] + }, + ] + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
subsets:
+
- addresses:
+
- - hostname:
+
    ip:
+
    nodeName:
+
    targetRef:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  notReadyAddresses:
+
  - hostname:
+
    ip:
+
    nodeName:
+
    targetRef:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  ports:
+
  - name:
+
    port:
+
    protocol:
+

+
+++++ + +== Operations + +[[Post-api-v1-endpoints]] +=== Create a Endpoints +Create Endpoints + +==== HTTP request +---- +POST /api/v1/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/endpoints <<'EOF' +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Endpoints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Endpoints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-endpoints]] +=== Create a Endpoints in a namespace +Create Endpoints + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints <<'EOF' +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Endpoints +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Endpoints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-endpoints-name]] +=== Get a Endpoints in a namespace +Read the specified Endpoints + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/endpoints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Endpoints +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Endpoints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-endpoints]] +=== Get all Endpoints +List or watch objects of kind Endpoints + +==== HTTP request +---- +GET /api/v1/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/endpoints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EndpointsList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-endpoints]] +=== Get all Endpoints in a namespace +List or watch objects of kind Endpoints + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EndpointsList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-endpoints-name]] +=== Watch a Endpoints in a namespace +Watch changes to an object of kind Endpoints + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/endpoints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/endpoints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Endpoints +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-endpoints]] +=== Watch all Endpoints +Watch individual changes to a list of Endpoints + +==== HTTP request +---- +GET /api/v1/watch/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/endpoints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-endpoints]] +=== Watch all Endpoints in a namespace +Watch individual changes to a list of Endpoints + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/endpoints +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-endpoints-name]] +=== Update a Endpoints in a namespace +Replace the specified Endpoints + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/endpoints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints/$NAME <<'EOF' +{ + "kind": "Endpoints", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Endpoints +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Endpoints +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Endpoints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-endpoints-name]] +=== Patch a Endpoints in a namespace +Partially update the specified Endpoints + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/endpoints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Endpoints +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Endpoints +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-endpoints-name]] +=== Delete a Endpoints in a namespace +Delete Endpoints + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/endpoints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Endpoints +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-endpoints]] +=== Delete all Endpoints in a namespace +Delete collection of Endpoints + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/endpoints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/endpoints +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Event.adoc b/rest_api/api/v1.Event.adoc new file mode 100644 index 000000000000..e4c5d5f24e94 --- /dev/null +++ b/rest_api/api/v1.Event.adoc @@ -0,0 +1,900 @@ += v1.Event +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Event is a report of an event somewhere in the cluster. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
count:
+
firstTimestamp:
+
involvedObject:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
kind:
+
lastTimestamp:
+
message:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
reason:
+
source:
+
  component:
+
  host:
+
type:
+

+
+++++ + +== Operations + +[[Post-api-v1-events]] +=== Create a Event +Create an Event + +==== HTTP request +---- +POST /api/v1/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Event", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/events <<'EOF' +{ + "kind": "Event", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Event +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Event +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-events]] +=== Create a Event in a namespace +Create an Event + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Event", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events <<'EOF' +{ + "kind": "Event", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Event +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Event +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-events-name]] +=== Get a Event in a namespace +Read the specified Event + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/events/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Event +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Event +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-events]] +=== Get all Events +List or watch objects of kind Event + +==== HTTP request +---- +GET /api/v1/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/events +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EventList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-events]] +=== Get all Events in a namespace +List or watch objects of kind Event + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EventList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-events-name]] +=== Watch a Event in a namespace +Watch changes to an object of kind Event + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/events/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/events/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Event +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-events]] +=== Watch all Events +Watch individual changes to a list of Event + +==== HTTP request +---- +GET /api/v1/watch/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/events +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-events]] +=== Watch all Events in a namespace +Watch individual changes to a list of Event + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/events +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-events-name]] +=== Update a Event in a namespace +Replace the specified Event + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/events/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Event", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events/$NAME <<'EOF' +{ + "kind": "Event", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Event +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Event +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Event +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-events-name]] +=== Patch a Event in a namespace +Partially update the specified Event + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/events/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Event +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Event +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-events-name]] +=== Delete a Event in a namespace +Delete an Event + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/events/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Event +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-events]] +=== Delete all Events in a namespace +Delete collection of Event + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/events HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/events +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.LimitRange.adoc b/rest_api/api/v1.LimitRange.adoc new file mode 100644 index 000000000000..511b31b2216d --- /dev/null +++ b/rest_api/api/v1.LimitRange.adoc @@ -0,0 +1,896 @@ += v1.LimitRange +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LimitRange sets resource usage limits for each kind of resource in a Namespace. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  limits:
+
  - default:
+
  -   [string]:
+
    defaultRequest:
+
      [string]:
+
    max:
+
      [string]:
+
    maxLimitRequestRatio:
+
      [string]:
+
    min:
+
      [string]:
+
    type:
+

+
+++++ + +== Operations + +[[Post-api-v1-limitranges]] +=== Create a LimitRange +Create a LimitRange + +==== HTTP request +---- +POST /api/v1/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/limitranges <<'EOF' +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LimitRange +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRange +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-limitranges]] +=== Create a LimitRange in a namespace +Create a LimitRange + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges <<'EOF' +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LimitRange +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRange +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-limitranges-name]] +=== Get a LimitRange in a namespace +Read the specified LimitRange + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/limitranges/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the LimitRange +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRange +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-limitranges]] +=== Get all LimitRanges +List or watch objects of kind LimitRange + +==== HTTP request +---- +GET /api/v1/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/limitranges +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRangeList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-limitranges]] +=== Get all LimitRanges in a namespace +List or watch objects of kind LimitRange + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRangeList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-limitranges-name]] +=== Watch a LimitRange in a namespace +Watch changes to an object of kind LimitRange + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/limitranges/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/limitranges/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the LimitRange +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-limitranges]] +=== Watch all LimitRanges +Watch individual changes to a list of LimitRange + +==== HTTP request +---- +GET /api/v1/watch/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/limitranges +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-limitranges]] +=== Watch all LimitRanges in a namespace +Watch individual changes to a list of LimitRange + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/limitranges +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-limitranges-name]] +=== Update a LimitRange in a namespace +Replace the specified LimitRange + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/limitranges/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges/$NAME <<'EOF' +{ + "kind": "LimitRange", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LimitRange +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the LimitRange +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRange +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-limitranges-name]] +=== Patch a LimitRange in a namespace +Partially update the specified LimitRange + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/limitranges/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the LimitRange +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LimitRange +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-limitranges-name]] +=== Delete a LimitRange in a namespace +Delete a LimitRange + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/limitranges/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the LimitRange +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-limitranges]] +=== Delete all LimitRanges in a namespace +Delete collection of LimitRange + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/limitranges HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/limitranges +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Namespace.adoc b/rest_api/api/v1.Namespace.adoc new file mode 100644 index 000000000000..c74e6d1ed4e1 --- /dev/null +++ b/rest_api/api/v1.Namespace.adoc @@ -0,0 +1,906 @@ += v1.Namespace +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Namespace provides a scope for Names. Use of multiple namespaces is optional. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  finalizers:
+
  - [string]:
+
status:
+
  phase:
+

+
+++++ + +== Operations + +[[Post-api-v1-namespaces]] +=== Create a Namespace +Create a Namespace + +==== HTTP request +---- +POST /api/v1/namespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces <<'EOF' +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-name]] +=== Get a Namespace +Read the specified Namespace + +==== HTTP request +---- +GET /api/v1/namespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces]] +=== Get all Namespaces +List or watch objects of kind Namespace + +==== HTTP request +---- +GET /api/v1/namespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NamespaceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-name]] +=== Watch a Namespace +Watch changes to an object of kind Namespace + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces]] +=== Watch all Namespaces +Watch individual changes to a list of Namespace + +==== HTTP request +---- +GET /api/v1/watch/namespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-name]] +=== Update a Namespace +Replace the specified Namespace + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME <<'EOF' +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Namespace +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-name]] +=== Patch a Namespace +Partially update the specified Namespace + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-name]] +=== Delete a Namespace +Delete a Namespace + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-name-finalize]] +=== Update finalize of a Namespace +Replace finalize of the specified Namespace + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAME/finalize HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME/finalize <<'EOF' +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Namespace +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-name-status]] +=== Get status of a Namespace +Read status of the specified Namespace + +==== HTTP request +---- +GET /api/v1/namespaces/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-name-status]] +=== Update status of a Namespace +Replace status of the specified Namespace + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME/status <<'EOF' +{ + "kind": "Namespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Namespace +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-name-status]] +=== Patch status of a Namespace +Partially update status of the specified Namespace + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Namespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Namespace +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Node.adoc b/rest_api/api/v1.Node.adoc new file mode 100644 index 000000000000..af573498b109 --- /dev/null +++ b/rest_api/api/v1.Node.adoc @@ -0,0 +1,1659 @@ += v1.Node +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Node is a worker node in Kubernetes. Each node will have a unique identifier in the cache (i.e. in etcd). + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  externalID:
+
  podCIDR:
+
  providerID:
+
  taints:
+
  - effect:
+
    key:
+
    timeAdded:
+
    value:
+
  unschedulable:
+
status:
+
  addresses:
+
  - address:
+
    type:
+
  allocatable:
+
    [string]:
+
  capacity:
+
    [string]:
+
  conditions:
+
  - lastHeartbeatTime:
+
    lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  daemonEndpoints:
+
    kubeletEndpoint:
+
      Port:
+
  images:
+
  - names:
+
  - - [string]:
+
    sizeBytes:
+
  nodeInfo:
+
    architecture:
+
    bootID:
+
    containerRuntimeVersion:
+
    kernelVersion:
+
    kubeProxyVersion:
+
    kubeletVersion:
+
    machineID:
+
    operatingSystem:
+
    osImage:
+
    systemUUID:
+
  phase:
+
  volumesAttached:
+
  - devicePath:
+
    name:
+
  volumesInUse:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-api-v1-nodes]] +=== Create a Node +Create a Node + +==== HTTP request +---- +POST /api/v1/nodes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Node", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/nodes <<'EOF' +{ + "kind": "Node", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-nodes-name]] +=== Get a Node +Read the specified Node + +==== HTTP request +---- +GET /api/v1/nodes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-nodes]] +=== Get all Nodes +List or watch objects of kind Node + +==== HTTP request +---- +GET /api/v1/nodes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NodeList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-nodes-name]] +=== Watch a Node +Watch changes to an object of kind Node + +==== HTTP request +---- +GET /api/v1/watch/nodes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/nodes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-nodes]] +=== Watch all Nodes +Watch individual changes to a list of Node + +==== HTTP request +---- +GET /api/v1/watch/nodes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/nodes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-nodes-name]] +=== Update a Node +Replace the specified Node + +==== HTTP request +---- +PUT /api/v1/nodes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Node", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME <<'EOF' +{ + "kind": "Node", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Node +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-nodes-name]] +=== Patch a Node +Partially update the specified Node + +==== HTTP request +---- +PATCH /api/v1/nodes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/nodes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-nodes-name]] +=== Delete a Node +Delete a Node + +==== HTTP request +---- +DELETE /api/v1/nodes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-nodes]] +=== Delete all Nodes +Delete collection of Node + +==== HTTP request +---- +DELETE /api/v1/nodes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-nodes-name-status]] +=== Get status of a Node +Read status of the specified Node + +==== HTTP request +---- +GET /api/v1/nodes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-nodes-name-status]] +=== Update status of a Node +Replace status of the specified Node + +==== HTTP request +---- +PUT /api/v1/nodes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Node", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/status <<'EOF' +{ + "kind": "Node", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Node +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-nodes-name-status]] +=== Patch status of a Node +Partially update status of the specified Node + +==== HTTP request +---- +PATCH /api/v1/nodes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Node +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Options-api-v1-nodes-name-proxy]] +=== Proxy OPTIONS request to a Node +Connect OPTIONS requests to proxy of Node + +==== HTTP request +---- +OPTIONS /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-nodes-name-proxy]] +=== Proxy POST request to a Node +Connect POST requests to proxy of Node + +==== HTTP request +---- +POST /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-nodes-name-proxy]] +=== Proxy HEAD request to a Node +Connect HEAD requests to proxy of Node + +==== HTTP request +---- +HEAD /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-nodes-name-proxy]] +=== Proxy GET request to a Node +Connect GET requests to proxy of Node + +==== HTTP request +---- +GET /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-nodes-name-proxy]] +=== Proxy PUT request to a Node +Connect PUT requests to proxy of Node + +==== HTTP request +---- +PUT /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-nodes-name-proxy]] +=== Proxy PATCH request to a Node +Connect PATCH requests to proxy of Node + +==== HTTP request +---- +PATCH /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-nodes-name-proxy]] +=== Proxy DELETE request to a Node +Connect DELETE requests to proxy of Node + +==== HTTP request +---- +DELETE /api/v1/nodes/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Options-api-v1-nodes-name-proxy-path]] +=== Proxy OPTIONS request to a Node (with path) +Connect OPTIONS requests to proxy of Node + +==== HTTP request +---- +OPTIONS /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-nodes-name-proxy-path]] +=== Proxy POST request to a Node (with path) +Connect POST requests to proxy of Node + +==== HTTP request +---- +POST /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-nodes-name-proxy-path]] +=== Proxy HEAD request to a Node (with path) +Connect HEAD requests to proxy of Node + +==== HTTP request +---- +HEAD /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-nodes-name-proxy-path]] +=== Proxy GET request to a Node (with path) +Connect GET requests to proxy of Node + +==== HTTP request +---- +GET /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-nodes-name-proxy-path]] +=== Proxy PUT request to a Node (with path) +Connect PUT requests to proxy of Node + +==== HTTP request +---- +PUT /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-nodes-name-proxy-path]] +=== Proxy PATCH request to a Node (with path) +Connect PATCH requests to proxy of Node + +==== HTTP request +---- +PATCH /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-nodes-name-proxy-path]] +=== Proxy DELETE request to a Node (with path) +Connect DELETE requests to proxy of Node + +==== HTTP request +---- +DELETE /api/v1/nodes/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/nodes/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Node +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to node. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + + diff --git a/rest_api/api/v1.PersistentVolume.adoc b/rest_api/api/v1.PersistentVolume.adoc new file mode 100644 index 000000000000..7f282a21a671 --- /dev/null +++ b/rest_api/api/v1.PersistentVolume.adoc @@ -0,0 +1,1026 @@ += v1.PersistentVolume +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  accessModes:
+
  - [string]:
+
  awsElasticBlockStore:
+
    fsType:
+
    partition:
+
    readOnly:
+
    volumeID:
+
  azureDisk:
+
    cachingMode:
+
    diskName:
+
    diskURI:
+
    fsType:
+
    kind:
+
    readOnly:
+
  azureFile:
+
    readOnly:
+
    secretName:
+
    shareName:
+
  capacity:
+
    [string]:
+
  cephfs:
+
    monitors:
+
    - [string]:
+
    path:
+
    readOnly:
+
    secretFile:
+
    secretRef:
+
      name:
+
    user:
+
  cinder:
+
    fsType:
+
    readOnly:
+
    volumeID:
+
  claimRef:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  fc:
+
    fsType:
+
    lun:
+
    readOnly:
+
    targetWWNs:
+
    - [string]:
+
  flexVolume:
+
    driver:
+
    fsType:
+
    options:
+
      [string]:
+
    readOnly:
+
    secretRef:
+
      name:
+
  flocker:
+
    datasetName:
+
    datasetUUID:
+
  gcePersistentDisk:
+
    fsType:
+
    partition:
+
    pdName:
+
    readOnly:
+
  glusterfs:
+
    endpoints:
+
    path:
+
    readOnly:
+
  hostPath:
+
    path:
+
  iscsi:
+
    chapAuthDiscovery:
+
    chapAuthSession:
+
    fsType:
+
    iqn:
+
    iscsiInterface:
+
    lun:
+
    portals:
+
    - [string]:
+
    readOnly:
+
    secretRef:
+
      name:
+
    targetPortal:
+
  local:
+
    path:
+
  nfs:
+
    path:
+
    readOnly:
+
    server:
+
  persistentVolumeReclaimPolicy:
+
  photonPersistentDisk:
+
    fsType:
+
    pdID:
+
  portworxVolume:
+
    fsType:
+
    readOnly:
+
    volumeID:
+
  quobyte:
+
    group:
+
    readOnly:
+
    registry:
+
    user:
+
    volume:
+
  rbd:
+
    fsType:
+
    image:
+
    keyring:
+
    monitors:
+
    - [string]:
+
    pool:
+
    readOnly:
+
    secretRef:
+
      name:
+
    user:
+
  scaleIO:
+
    fsType:
+
    gateway:
+
    protectionDomain:
+
    readOnly:
+
    secretRef:
+
      name:
+
    sslEnabled:
+
    storageMode:
+
    storagePool:
+
    system:
+
    volumeName:
+
  storageClassName:
+
  storageos:
+
    fsType:
+
    readOnly:
+
    secretRef:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    volumeName:
+
    volumeNamespace:
+
  vsphereVolume:
+
    fsType:
+
    storagePolicyID:
+
    storagePolicyName:
+
    volumePath:
+
status:
+
  message:
+
  phase:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-api-v1-persistentvolumes]] +=== Create a PersistentVolume +Create a PersistentVolume + +==== HTTP request +---- +POST /api/v1/persistentvolumes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes <<'EOF' +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-persistentvolumes-name]] +=== Get a PersistentVolume +Read the specified PersistentVolume + +==== HTTP request +---- +GET /api/v1/persistentvolumes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-persistentvolumes]] +=== Get all PersistentVolumes +List or watch objects of kind PersistentVolume + +==== HTTP request +---- +GET /api/v1/persistentvolumes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-persistentvolumes-name]] +=== Watch a PersistentVolume +Watch changes to an object of kind PersistentVolume + +==== HTTP request +---- +GET /api/v1/watch/persistentvolumes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/persistentvolumes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-persistentvolumes]] +=== Watch all PersistentVolumes +Watch individual changes to a list of PersistentVolume + +==== HTTP request +---- +GET /api/v1/watch/persistentvolumes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/persistentvolumes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-persistentvolumes-name]] +=== Update a PersistentVolume +Replace the specified PersistentVolume + +==== HTTP request +---- +PUT /api/v1/persistentvolumes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME <<'EOF' +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolume +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-persistentvolumes-name]] +=== Patch a PersistentVolume +Partially update the specified PersistentVolume + +==== HTTP request +---- +PATCH /api/v1/persistentvolumes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-persistentvolumes-name]] +=== Delete a PersistentVolume +Delete a PersistentVolume + +==== HTTP request +---- +DELETE /api/v1/persistentvolumes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-persistentvolumes]] +=== Delete all PersistentVolumes +Delete collection of PersistentVolume + +==== HTTP request +---- +DELETE /api/v1/persistentvolumes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-persistentvolumes-name-status]] +=== Get status of a PersistentVolume +Read status of the specified PersistentVolume + +==== HTTP request +---- +GET /api/v1/persistentvolumes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-persistentvolumes-name-status]] +=== Update status of a PersistentVolume +Replace status of the specified PersistentVolume + +==== HTTP request +---- +PUT /api/v1/persistentvolumes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME/status <<'EOF' +{ + "kind": "PersistentVolume", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolume +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-persistentvolumes-name-status]] +=== Patch status of a PersistentVolume +Partially update status of the specified PersistentVolume + +==== HTTP request +---- +PATCH /api/v1/persistentvolumes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/persistentvolumes/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolume +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolume +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.PersistentVolumeClaim.adoc b/rest_api/api/v1.PersistentVolumeClaim.adoc new file mode 100644 index 000000000000..e23dcfc599d4 --- /dev/null +++ b/rest_api/api/v1.PersistentVolumeClaim.adoc @@ -0,0 +1,1115 @@ += v1.PersistentVolumeClaim +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PersistentVolumeClaim is a user's request for and claim to a persistent volume + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  accessModes:
+
  - [string]:
+
  resources:
+
    limits:
+
      [string]:
+
    requests:
+
      [string]:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  storageClassName:
+
  volumeName:
+
status:
+
  accessModes:
+
  - [string]:
+
  capacity:
+
    [string]:
+
  phase:
+

+
+++++ + +== Operations + +[[Post-api-v1-persistentvolumeclaims]] +=== Create a PersistentVolumeClaim +Create a PersistentVolumeClaim + +==== HTTP request +---- +POST /api/v1/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumeclaims <<'EOF' +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolumeClaim +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-persistentvolumeclaims]] +=== Create a PersistentVolumeClaim in a namespace +Create a PersistentVolumeClaim + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims <<'EOF' +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolumeClaim +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-persistentvolumeclaims-name]] +=== Get a PersistentVolumeClaim in a namespace +Read the specified PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-persistentvolumeclaims]] +=== Get all PersistentVolumeClaims +List or watch objects of kind PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/persistentvolumeclaims +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaimList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-persistentvolumeclaims]] +=== Get all PersistentVolumeClaims in a namespace +List or watch objects of kind PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaimList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-persistentvolumeclaims-name]] +=== Watch a PersistentVolumeClaim in a namespace +Watch changes to an object of kind PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-persistentvolumeclaims]] +=== Watch all PersistentVolumeClaims +Watch individual changes to a list of PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/watch/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/persistentvolumeclaims +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-persistentvolumeclaims]] +=== Watch all PersistentVolumeClaims in a namespace +Watch individual changes to a list of PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/persistentvolumeclaims +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-persistentvolumeclaims-name]] +=== Update a PersistentVolumeClaim in a namespace +Replace the specified PersistentVolumeClaim + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME <<'EOF' +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolumeClaim +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-persistentvolumeclaims-name]] +=== Patch a PersistentVolumeClaim in a namespace +Partially update the specified PersistentVolumeClaim + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-persistentvolumeclaims-name]] +=== Delete a PersistentVolumeClaim in a namespace +Delete a PersistentVolumeClaim + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-persistentvolumeclaims]] +=== Delete all PersistentVolumeClaims in a namespace +Delete collection of PersistentVolumeClaim + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-persistentvolumeclaims-name-status]] +=== Get status of a PersistentVolumeClaim in a namespace +Read status of the specified PersistentVolumeClaim + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-persistentvolumeclaims-name-status]] +=== Update status of a PersistentVolumeClaim in a namespace +Replace status of the specified PersistentVolumeClaim + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status <<'EOF' +{ + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PersistentVolumeClaim +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-persistentvolumeclaims-name-status]] +=== Patch status of a PersistentVolumeClaim in a namespace +Partially update status of the specified PersistentVolumeClaim + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/persistentvolumeclaims/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PersistentVolumeClaim +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PersistentVolumeClaim +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Pod.adoc b/rest_api/api/v1.Pod.adoc new file mode 100644 index 000000000000..f63073511fb4 --- /dev/null +++ b/rest_api/api/v1.Pod.adoc @@ -0,0 +1,3065 @@ += v1.Pod +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  activeDeadlineSeconds:
+
  affinity:
+
    nodeAffinity:
+
      preferredDuringSchedulingIgnoredDuringExecution:
+
      - preference:
+
      -   matchExpressions:
+
      -   - key:
+
            operator:
+
            values:
+
            - [string]:
+
        weight:
+
      requiredDuringSchedulingIgnoredDuringExecution:
+
        nodeSelectorTerms:
+
        - matchExpressions:
+
        - - key:
+
            operator:
+
            values:
+
            - [string]:
+
    podAffinity:
+
      preferredDuringSchedulingIgnoredDuringExecution:
+
      - podAffinityTerm:
+
      -   labelSelector:
+
      -     matchExpressions:
+
      -     - key:
+
              operator:
+
              values:
+
              - [string]:
+
            matchLabels:
+
              [string]:
+
          namespaces:
+
          - [string]:
+
          topologyKey:
+
        weight:
+
      requiredDuringSchedulingIgnoredDuringExecution:
+
      - labelSelector:
+
      -   matchExpressions:
+
      -   - key:
+
            operator:
+
            values:
+
            - [string]:
+
          matchLabels:
+
            [string]:
+
        namespaces:
+
        - [string]:
+
        topologyKey:
+
    podAntiAffinity:
+
      preferredDuringSchedulingIgnoredDuringExecution:
+
      - podAffinityTerm:
+
      -   labelSelector:
+
      -     matchExpressions:
+
      -     - key:
+
              operator:
+
              values:
+
              - [string]:
+
            matchLabels:
+
              [string]:
+
          namespaces:
+
          - [string]:
+
          topologyKey:
+
        weight:
+
      requiredDuringSchedulingIgnoredDuringExecution:
+
      - labelSelector:
+
      -   matchExpressions:
+
      -   - key:
+
            operator:
+
            values:
+
            - [string]:
+
          matchLabels:
+
            [string]:
+
        namespaces:
+
        - [string]:
+
        topologyKey:
+
  automountServiceAccountToken:
+
  containers:
+
  - args:
+
  - - [string]:
+
    command:
+
    - [string]:
+
    env:
+
    - name:
+
      value:
+
      valueFrom:
+
        configMapKeyRef:
+
          key:
+
          name:
+
          optional:
+
        fieldRef:
+
          apiVersion:
+
          fieldPath:
+
        resourceFieldRef:
+
          containerName:
+
          divisor:
+
          resource:
+
        secretKeyRef:
+
          key:
+
          name:
+
          optional:
+
    envFrom:
+
    - configMapRef:
+
    -   name:
+
        optional:
+
      prefix:
+
      secretRef:
+
        name:
+
        optional:
+
    image:
+
    imagePullPolicy:
+
    lifecycle:
+
      postStart:
+
        exec:
+
          command:
+
          - [string]:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        tcpSocket:
+
          host:
+
          port:
+
      preStop:
+
        exec:
+
          command:
+
          - [string]:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        tcpSocket:
+
          host:
+
          port:
+
    livenessProbe:
+
      exec:
+
        command:
+
        - [string]:
+
      failureThreshold:
+
      httpGet:
+
        host:
+
        httpHeaders:
+
        - name:
+
          value:
+
        path:
+
        port:
+
        scheme:
+
      initialDelaySeconds:
+
      periodSeconds:
+
      successThreshold:
+
      tcpSocket:
+
        host:
+
        port:
+
      timeoutSeconds:
+
    name:
+
    ports:
+
    - containerPort:
+
      hostIP:
+
      hostPort:
+
      name:
+
      protocol:
+
    readinessProbe:
+
      exec:
+
        command:
+
        - [string]:
+
      failureThreshold:
+
      httpGet:
+
        host:
+
        httpHeaders:
+
        - name:
+
          value:
+
        path:
+
        port:
+
        scheme:
+
      initialDelaySeconds:
+
      periodSeconds:
+
      successThreshold:
+
      tcpSocket:
+
        host:
+
        port:
+
      timeoutSeconds:
+
    resources:
+
      limits:
+
        [string]:
+
      requests:
+
        [string]:
+
    securityContext:
+
      capabilities:
+
        add:
+
        - [string]:
+
        drop:
+
        - [string]:
+
      privileged:
+
      readOnlyRootFilesystem:
+
      runAsNonRoot:
+
      runAsUser:
+
      seLinuxOptions:
+
        level:
+
        role:
+
        type:
+
        user:
+
    stdin:
+
    stdinOnce:
+
    terminationMessagePath:
+
    terminationMessagePolicy:
+
    tty:
+
    volumeMounts:
+
    - mountPath:
+
      name:
+
      readOnly:
+
      subPath:
+
    workingDir:
+
  dnsPolicy:
+
  hostAliases:
+
  - hostnames:
+
  - - [string]:
+
    ip:
+
  hostIPC:
+
  hostNetwork:
+
  hostPID:
+
  hostname:
+
  imagePullSecrets:
+
  - name:
+
  initContainers:
+
  - args:
+
  - - [string]:
+
    command:
+
    - [string]:
+
    env:
+
    - name:
+
      value:
+
      valueFrom:
+
        configMapKeyRef:
+
          key:
+
          name:
+
          optional:
+
        fieldRef:
+
          apiVersion:
+
          fieldPath:
+
        resourceFieldRef:
+
          containerName:
+
          divisor:
+
          resource:
+
        secretKeyRef:
+
          key:
+
          name:
+
          optional:
+
    envFrom:
+
    - configMapRef:
+
    -   name:
+
        optional:
+
      prefix:
+
      secretRef:
+
        name:
+
        optional:
+
    image:
+
    imagePullPolicy:
+
    lifecycle:
+
      postStart:
+
        exec:
+
          command:
+
          - [string]:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        tcpSocket:
+
          host:
+
          port:
+
      preStop:
+
        exec:
+
          command:
+
          - [string]:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        tcpSocket:
+
          host:
+
          port:
+
    livenessProbe:
+
      exec:
+
        command:
+
        - [string]:
+
      failureThreshold:
+
      httpGet:
+
        host:
+
        httpHeaders:
+
        - name:
+
          value:
+
        path:
+
        port:
+
        scheme:
+
      initialDelaySeconds:
+
      periodSeconds:
+
      successThreshold:
+
      tcpSocket:
+
        host:
+
        port:
+
      timeoutSeconds:
+
    name:
+
    ports:
+
    - containerPort:
+
      hostIP:
+
      hostPort:
+
      name:
+
      protocol:
+
    readinessProbe:
+
      exec:
+
        command:
+
        - [string]:
+
      failureThreshold:
+
      httpGet:
+
        host:
+
        httpHeaders:
+
        - name:
+
          value:
+
        path:
+
        port:
+
        scheme:
+
      initialDelaySeconds:
+
      periodSeconds:
+
      successThreshold:
+
      tcpSocket:
+
        host:
+
        port:
+
      timeoutSeconds:
+
    resources:
+
      limits:
+
        [string]:
+
      requests:
+
        [string]:
+
    securityContext:
+
      capabilities:
+
        add:
+
        - [string]:
+
        drop:
+
        - [string]:
+
      privileged:
+
      readOnlyRootFilesystem:
+
      runAsNonRoot:
+
      runAsUser:
+
      seLinuxOptions:
+
        level:
+
        role:
+
        type:
+
        user:
+
    stdin:
+
    stdinOnce:
+
    terminationMessagePath:
+
    terminationMessagePolicy:
+
    tty:
+
    volumeMounts:
+
    - mountPath:
+
      name:
+
      readOnly:
+
      subPath:
+
    workingDir:
+
  nodeName:
+
  nodeSelector:
+
    [string]:
+
  restartPolicy:
+
  schedulerName:
+
  securityContext:
+
    fsGroup:
+
    runAsNonRoot:
+
    runAsUser:
+
    seLinuxOptions:
+
      level:
+
      role:
+
      type:
+
      user:
+
    supplementalGroups:
+
    - [integer]:
+
  serviceAccount:
+
  serviceAccountName:
+
  subdomain:
+
  terminationGracePeriodSeconds:
+
  tolerations:
+
  - effect:
+
    key:
+
    operator:
+
    tolerationSeconds:
+
    value:
+
  volumes:
+
  - awsElasticBlockStore:
+
  -   fsType:
+
      partition:
+
      readOnly:
+
      volumeID:
+
    azureDisk:
+
      cachingMode:
+
      diskName:
+
      diskURI:
+
      fsType:
+
      kind:
+
      readOnly:
+
    azureFile:
+
      readOnly:
+
      secretName:
+
      shareName:
+
    cephfs:
+
      monitors:
+
      - [string]:
+
      path:
+
      readOnly:
+
      secretFile:
+
      secretRef:
+
        name:
+
      user:
+
    cinder:
+
      fsType:
+
      readOnly:
+
      volumeID:
+
    configMap:
+
      defaultMode:
+
      items:
+
      - key:
+
        mode:
+
        path:
+
      name:
+
      optional:
+
    downwardAPI:
+
      defaultMode:
+
      items:
+
      - fieldRef:
+
      -   apiVersion:
+
          fieldPath:
+
        mode:
+
        path:
+
        resourceFieldRef:
+
          containerName:
+
          divisor:
+
          resource:
+
    emptyDir:
+
      medium:
+
      sizeLimit:
+
    fc:
+
      fsType:
+
      lun:
+
      readOnly:
+
      targetWWNs:
+
      - [string]:
+
    flexVolume:
+
      driver:
+
      fsType:
+
      options:
+
        [string]:
+
      readOnly:
+
      secretRef:
+
        name:
+
    flocker:
+
      datasetName:
+
      datasetUUID:
+
    gcePersistentDisk:
+
      fsType:
+
      partition:
+
      pdName:
+
      readOnly:
+
    gitRepo:
+
      directory:
+
      repository:
+
      revision:
+
    glusterfs:
+
      endpoints:
+
      path:
+
      readOnly:
+
    hostPath:
+
      path:
+
    iscsi:
+
      chapAuthDiscovery:
+
      chapAuthSession:
+
      fsType:
+
      iqn:
+
      iscsiInterface:
+
      lun:
+
      portals:
+
      - [string]:
+
      readOnly:
+
      secretRef:
+
        name:
+
      targetPortal:
+
    name:
+
    nfs:
+
      path:
+
      readOnly:
+
      server:
+
    persistentVolumeClaim:
+
      claimName:
+
      readOnly:
+
    photonPersistentDisk:
+
      fsType:
+
      pdID:
+
    portworxVolume:
+
      fsType:
+
      readOnly:
+
      volumeID:
+
    projected:
+
      defaultMode:
+
      sources:
+
      - configMap:
+
      -   items:
+
      -   - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        secret:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
    quobyte:
+
      group:
+
      readOnly:
+
      registry:
+
      user:
+
      volume:
+
    rbd:
+
      fsType:
+
      image:
+
      keyring:
+
      monitors:
+
      - [string]:
+
      pool:
+
      readOnly:
+
      secretRef:
+
        name:
+
      user:
+
    scaleIO:
+
      fsType:
+
      gateway:
+
      protectionDomain:
+
      readOnly:
+
      secretRef:
+
        name:
+
      sslEnabled:
+
      storageMode:
+
      storagePool:
+
      system:
+
      volumeName:
+
    secret:
+
      defaultMode:
+
      items:
+
      - key:
+
        mode:
+
        path:
+
      optional:
+
      secretName:
+
    storageos:
+
      fsType:
+
      readOnly:
+
      secretRef:
+
        name:
+
      volumeName:
+
      volumeNamespace:
+
    vsphereVolume:
+
      fsType:
+
      storagePolicyID:
+
      storagePolicyName:
+
      volumePath:
+
status:
+
  conditions:
+
  - lastProbeTime:
+
    lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  containerStatuses:
+
  - containerID:
+
    image:
+
    imageID:
+
    lastState:
+
      running:
+
        startedAt:
+
      terminated:
+
        containerID:
+
        exitCode:
+
        finishedAt:
+
        message:
+
        reason:
+
        signal:
+
        startedAt:
+
      waiting:
+
        message:
+
        reason:
+
    name:
+
    ready:
+
    restartCount:
+
    state:
+
      running:
+
        startedAt:
+
      terminated:
+
        containerID:
+
        exitCode:
+
        finishedAt:
+
        message:
+
        reason:
+
        signal:
+
        startedAt:
+
      waiting:
+
        message:
+
        reason:
+
  hostIP:
+
  initContainerStatuses:
+
  - containerID:
+
    image:
+
    imageID:
+
    lastState:
+
      running:
+
        startedAt:
+
      terminated:
+
        containerID:
+
        exitCode:
+
        finishedAt:
+
        message:
+
        reason:
+
        signal:
+
        startedAt:
+
      waiting:
+
        message:
+
        reason:
+
    name:
+
    ready:
+
    restartCount:
+
    state:
+
      running:
+
        startedAt:
+
      terminated:
+
        containerID:
+
        exitCode:
+
        finishedAt:
+
        message:
+
        reason:
+
        signal:
+
        startedAt:
+
      waiting:
+
        message:
+
        reason:
+
  message:
+
  phase:
+
  podIP:
+
  qosClass:
+
  reason:
+
  startTime:
+

+
+++++ + +== Operations + +[[Post-api-v1-pods]] +=== Create a Pod +Create a Pod + +==== HTTP request +---- +POST /api/v1/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/pods <<'EOF' +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Pod +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-pods]] +=== Create a Pod in a namespace +Create a Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods <<'EOF' +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Pod +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-pods-name]] +=== Get a Pod in a namespace +Read the specified Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-pods]] +=== Get all Pods +List or watch objects of kind Pod + +==== HTTP request +---- +GET /api/v1/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/pods +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-pods]] +=== Get all Pods in a namespace +List or watch objects of kind Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-pods-name]] +=== Watch a Pod in a namespace +Watch changes to an object of kind Pod + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/pods/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/pods/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-pods]] +=== Watch all Pods +Watch individual changes to a list of Pod + +==== HTTP request +---- +GET /api/v1/watch/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/pods +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-pods]] +=== Watch all Pods in a namespace +Watch individual changes to a list of Pod + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/pods +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-pods-name]] +=== Update a Pod in a namespace +Replace the specified Pod + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/pods/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME <<'EOF' +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Pod +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-pods-name]] +=== Patch a Pod in a namespace +Partially update the specified Pod + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/pods/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-pods-name]] +=== Delete a Pod in a namespace +Delete a Pod + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/pods/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-pods]] +=== Delete all Pods in a namespace +Delete collection of Pod + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/pods HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-pods-name-attach]] +=== Attach to a v1.Pod in a namespace (POST) +Connect POST requests to attach of Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/attach HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/attach +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|The container in which to execute the command. Defaults to only container if there is only one container in the pod. +|stderr|Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true. +|stdin|Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false. +|stdout|Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true. +|tty|TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-attach]] +=== Attach to a v1.Pod in a namespace (GET) +Connect GET requests to attach of Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/attach HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/attach +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|The container in which to execute the command. Defaults to only container if there is only one container in the pod. +|stderr|Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true. +|stdin|Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false. +|stdout|Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true. +|tty|TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-namespaces-namespace-pods-name-binding]] +=== Create binding of a Pod in a namespace +Create binding of a Binding + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/binding HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/binding <<'EOF' +{ + "kind": "Binding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Binding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Binding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Binding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-pods-name-eviction]] +=== Create eviction of a Pod in a namespace +Create eviction of an Eviction + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/eviction HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Eviction", + "apiVersion": "policy/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/eviction <<'EOF' +{ + "kind": "Eviction", + "apiVersion": "policy/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Eviction +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Eviction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Eviction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-pods-name-exec]] +=== Exec in a v1.Pod in a namespace (POST) +Connect POST requests to exec of Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/exec HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/exec +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|command|Command is the remote command to execute. argv array. Not executed within a shell. +|container|Container in which to execute the command. Defaults to only container if there is only one container in the pod. +|stderr|Redirect the standard error stream of the pod for this call. Defaults to true. +|stdin|Redirect the standard input stream of the pod for this call. Defaults to false. +|stdout|Redirect the standard output stream of the pod for this call. Defaults to true. +|tty|TTY if true indicates that a tty will be allocated for the exec call. Defaults to false. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-exec]] +=== Exec in a v1.Pod in a namespace (GET) +Connect GET requests to exec of Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/exec HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/exec +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|command|Command is the remote command to execute. argv array. Not executed within a shell. +|container|Container in which to execute the command. Defaults to only container if there is only one container in the pod. +|stderr|Redirect the standard error stream of the pod for this call. Defaults to true. +|stdin|Redirect the standard input stream of the pod for this call. Defaults to false. +|stdout|Redirect the standard output stream of the pod for this call. Defaults to true. +|tty|TTY if true indicates that a tty will be allocated for the exec call. Defaults to false. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-log]] +=== Get log of a Pod in a namespace +Read log of the specified Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/log HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/log +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|The container for which to stream logs. Defaults to only container if there is one container in the pod. +|follow|Follow the log stream of the pod. Defaults to false. +|limitBytes|If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit. +|pretty|If 'true', then the output is pretty printed. +|previous|Return previous terminated container logs. Defaults to false. +|sinceSeconds|A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified. +|tailLines|If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime +|timestamps|If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* text/plain +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-pods-name-portforward]] +=== Port-forward to a v1.Pod in a namespace (POST) +Connect POST requests to portforward of Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/portforward HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/portforward +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|ports|List of ports to forward Required when using WebSockets +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-portforward]] +=== Port-forward to a v1.Pod in a namespace (GET) +Connect GET requests to portforward of Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/portforward HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/portforward +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|ports|List of ports to forward Required when using WebSockets +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-status]] +=== Get status of a Pod in a namespace +Read status of the specified Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-pods-name-status]] +=== Update status of a Pod in a namespace +Replace status of the specified Pod + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/pods/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/status <<'EOF' +{ + "kind": "Pod", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Pod +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-pods-name-status]] +=== Patch status of a Pod in a namespace +Partially update status of the specified Pod + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/pods/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Pod +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Options-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy OPTIONS request to a Pod in a namespace +Connect OPTIONS requests to proxy of Pod + +==== HTTP request +---- +OPTIONS /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy POST request to a Pod in a namespace +Connect POST requests to proxy of Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy HEAD request to a Pod in a namespace +Connect HEAD requests to proxy of Pod + +==== HTTP request +---- +HEAD /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy GET request to a Pod in a namespace +Connect GET requests to proxy of Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy PUT request to a Pod in a namespace +Connect PUT requests to proxy of Pod + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy PATCH request to a Pod in a namespace +Connect PATCH requests to proxy of Pod + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-namespaces-namespace-pods-name-proxy]] +=== Proxy DELETE request to a Pod in a namespace +Connect DELETE requests to proxy of Pod + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Options-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy OPTIONS request to a Pod in a namespace (with path) +Connect OPTIONS requests to proxy of Pod + +==== HTTP request +---- +OPTIONS /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy POST request to a Pod in a namespace (with path) +Connect POST requests to proxy of Pod + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy HEAD request to a Pod in a namespace (with path) +Connect HEAD requests to proxy of Pod + +==== HTTP request +---- +HEAD /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy GET request to a Pod in a namespace (with path) +Connect GET requests to proxy of Pod + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy PUT request to a Pod in a namespace (with path) +Connect PUT requests to proxy of Pod + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy PATCH request to a Pod in a namespace (with path) +Connect PATCH requests to proxy of Pod + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-namespaces-namespace-pods-name-proxy-path]] +=== Proxy DELETE request to a Pod in a namespace (with path) +Connect DELETE requests to proxy of Pod + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/pods/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Pod +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + + diff --git a/rest_api/api/v1.PodTemplate.adoc b/rest_api/api/v1.PodTemplate.adoc new file mode 100644 index 000000000000..841d13d4a0f5 --- /dev/null +++ b/rest_api/api/v1.PodTemplate.adoc @@ -0,0 +1,1543 @@ += v1.PodTemplate +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodTemplate describes a template for creating copies of a predefined pod. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
template:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  spec:
+
    activeDeadlineSeconds:
+
    affinity:
+
      nodeAffinity:
+
        preferredDuringSchedulingIgnoredDuringExecution:
+
        - preference:
+
        -   matchExpressions:
+
        -   - key:
+
              operator:
+
              values:
+
              - [string]:
+
          weight:
+
        requiredDuringSchedulingIgnoredDuringExecution:
+
          nodeSelectorTerms:
+
          - matchExpressions:
+
          - - key:
+
              operator:
+
              values:
+
              - [string]:
+
      podAffinity:
+
        preferredDuringSchedulingIgnoredDuringExecution:
+
        - podAffinityTerm:
+
        -   labelSelector:
+
        -     matchExpressions:
+
        -     - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
          weight:
+
        requiredDuringSchedulingIgnoredDuringExecution:
+
        - labelSelector:
+
        -   matchExpressions:
+
        -   - key:
+
              operator:
+
              values:
+
              - [string]:
+
            matchLabels:
+
              [string]:
+
          namespaces:
+
          - [string]:
+
          topologyKey:
+
      podAntiAffinity:
+
        preferredDuringSchedulingIgnoredDuringExecution:
+
        - podAffinityTerm:
+
        -   labelSelector:
+
        -     matchExpressions:
+
        -     - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
          weight:
+
        requiredDuringSchedulingIgnoredDuringExecution:
+
        - labelSelector:
+
        -   matchExpressions:
+
        -   - key:
+
              operator:
+
              values:
+
              - [string]:
+
            matchLabels:
+
              [string]:
+
          namespaces:
+
          - [string]:
+
          topologyKey:
+
    automountServiceAccountToken:
+
    containers:
+
    - args:
+
    - - [string]:
+
      command:
+
      - [string]:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      envFrom:
+
      - configMapRef:
+
      -   name:
+
          optional:
+
        prefix:
+
        secretRef:
+
          name:
+
          optional:
+
      image:
+
      imagePullPolicy:
+
      lifecycle:
+
        postStart:
+
          exec:
+
            command:
+
            - [string]:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          tcpSocket:
+
            host:
+
            port:
+
        preStop:
+
          exec:
+
            command:
+
            - [string]:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          tcpSocket:
+
            host:
+
            port:
+
      livenessProbe:
+
        exec:
+
          command:
+
          - [string]:
+
        failureThreshold:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        initialDelaySeconds:
+
        periodSeconds:
+
        successThreshold:
+
        tcpSocket:
+
          host:
+
          port:
+
        timeoutSeconds:
+
      name:
+
      ports:
+
      - containerPort:
+
        hostIP:
+
        hostPort:
+
        name:
+
        protocol:
+
      readinessProbe:
+
        exec:
+
          command:
+
          - [string]:
+
        failureThreshold:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        initialDelaySeconds:
+
        periodSeconds:
+
        successThreshold:
+
        tcpSocket:
+
          host:
+
          port:
+
        timeoutSeconds:
+
      resources:
+
        limits:
+
          [string]:
+
        requests:
+
          [string]:
+
      securityContext:
+
        capabilities:
+
          add:
+
          - [string]:
+
          drop:
+
          - [string]:
+
        privileged:
+
        readOnlyRootFilesystem:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
      stdin:
+
      stdinOnce:
+
      terminationMessagePath:
+
      terminationMessagePolicy:
+
      tty:
+
      volumeMounts:
+
      - mountPath:
+
        name:
+
        readOnly:
+
        subPath:
+
      workingDir:
+
    dnsPolicy:
+
    hostAliases:
+
    - hostnames:
+
    - - [string]:
+
      ip:
+
    hostIPC:
+
    hostNetwork:
+
    hostPID:
+
    hostname:
+
    imagePullSecrets:
+
    - name:
+
    initContainers:
+
    - args:
+
    - - [string]:
+
      command:
+
      - [string]:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      envFrom:
+
      - configMapRef:
+
      -   name:
+
          optional:
+
        prefix:
+
        secretRef:
+
          name:
+
          optional:
+
      image:
+
      imagePullPolicy:
+
      lifecycle:
+
        postStart:
+
          exec:
+
            command:
+
            - [string]:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          tcpSocket:
+
            host:
+
            port:
+
        preStop:
+
          exec:
+
            command:
+
            - [string]:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          tcpSocket:
+
            host:
+
            port:
+
      livenessProbe:
+
        exec:
+
          command:
+
          - [string]:
+
        failureThreshold:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        initialDelaySeconds:
+
        periodSeconds:
+
        successThreshold:
+
        tcpSocket:
+
          host:
+
          port:
+
        timeoutSeconds:
+
      name:
+
      ports:
+
      - containerPort:
+
        hostIP:
+
        hostPort:
+
        name:
+
        protocol:
+
      readinessProbe:
+
        exec:
+
          command:
+
          - [string]:
+
        failureThreshold:
+
        httpGet:
+
          host:
+
          httpHeaders:
+
          - name:
+
            value:
+
          path:
+
          port:
+
          scheme:
+
        initialDelaySeconds:
+
        periodSeconds:
+
        successThreshold:
+
        tcpSocket:
+
          host:
+
          port:
+
        timeoutSeconds:
+
      resources:
+
        limits:
+
          [string]:
+
        requests:
+
          [string]:
+
      securityContext:
+
        capabilities:
+
          add:
+
          - [string]:
+
          drop:
+
          - [string]:
+
        privileged:
+
        readOnlyRootFilesystem:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
      stdin:
+
      stdinOnce:
+
      terminationMessagePath:
+
      terminationMessagePolicy:
+
      tty:
+
      volumeMounts:
+
      - mountPath:
+
        name:
+
        readOnly:
+
        subPath:
+
      workingDir:
+
    nodeName:
+
    nodeSelector:
+
      [string]:
+
    restartPolicy:
+
    schedulerName:
+
    securityContext:
+
      fsGroup:
+
      runAsNonRoot:
+
      runAsUser:
+
      seLinuxOptions:
+
        level:
+
        role:
+
        type:
+
        user:
+
      supplementalGroups:
+
      - [integer]:
+
    serviceAccount:
+
    serviceAccountName:
+
    subdomain:
+
    terminationGracePeriodSeconds:
+
    tolerations:
+
    - effect:
+
      key:
+
      operator:
+
      tolerationSeconds:
+
      value:
+
    volumes:
+
    - awsElasticBlockStore:
+
    -   fsType:
+
        partition:
+
        readOnly:
+
        volumeID:
+
      azureDisk:
+
        cachingMode:
+
        diskName:
+
        diskURI:
+
        fsType:
+
        kind:
+
        readOnly:
+
      azureFile:
+
        readOnly:
+
        secretName:
+
        shareName:
+
      cephfs:
+
        monitors:
+
        - [string]:
+
        path:
+
        readOnly:
+
        secretFile:
+
        secretRef:
+
          name:
+
        user:
+
      cinder:
+
        fsType:
+
        readOnly:
+
        volumeID:
+
      configMap:
+
        defaultMode:
+
        items:
+
        - key:
+
          mode:
+
          path:
+
        name:
+
        optional:
+
      downwardAPI:
+
        defaultMode:
+
        items:
+
        - fieldRef:
+
        -   apiVersion:
+
            fieldPath:
+
          mode:
+
          path:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
      emptyDir:
+
        medium:
+
        sizeLimit:
+
      fc:
+
        fsType:
+
        lun:
+
        readOnly:
+
        targetWWNs:
+
        - [string]:
+
      flexVolume:
+
        driver:
+
        fsType:
+
        options:
+
          [string]:
+
        readOnly:
+
        secretRef:
+
          name:
+
      flocker:
+
        datasetName:
+
        datasetUUID:
+
      gcePersistentDisk:
+
        fsType:
+
        partition:
+
        pdName:
+
        readOnly:
+
      gitRepo:
+
        directory:
+
        repository:
+
        revision:
+
      glusterfs:
+
        endpoints:
+
        path:
+
        readOnly:
+
      hostPath:
+
        path:
+
      iscsi:
+
        chapAuthDiscovery:
+
        chapAuthSession:
+
        fsType:
+
        iqn:
+
        iscsiInterface:
+
        lun:
+
        portals:
+
        - [string]:
+
        readOnly:
+
        secretRef:
+
          name:
+
        targetPortal:
+
      name:
+
      nfs:
+
        path:
+
        readOnly:
+
        server:
+
      persistentVolumeClaim:
+
        claimName:
+
        readOnly:
+
      photonPersistentDisk:
+
        fsType:
+
        pdID:
+
      portworxVolume:
+
        fsType:
+
        readOnly:
+
        volumeID:
+
      projected:
+
        defaultMode:
+
        sources:
+
        - configMap:
+
        -   items:
+
        -   - key:
+
              mode:
+
              path:
+
            name:
+
            optional:
+
          downwardAPI:
+
            items:
+
            - fieldRef:
+
            -   apiVersion:
+
                fieldPath:
+
              mode:
+
              path:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
          secret:
+
            items:
+
            - key:
+
              mode:
+
              path:
+
            name:
+
            optional:
+
      quobyte:
+
        group:
+
        readOnly:
+
        registry:
+
        user:
+
        volume:
+
      rbd:
+
        fsType:
+
        image:
+
        keyring:
+
        monitors:
+
        - [string]:
+
        pool:
+
        readOnly:
+
        secretRef:
+
          name:
+
        user:
+
      scaleIO:
+
        fsType:
+
        gateway:
+
        protectionDomain:
+
        readOnly:
+
        secretRef:
+
          name:
+
        sslEnabled:
+
        storageMode:
+
        storagePool:
+
        system:
+
        volumeName:
+
      secret:
+
        defaultMode:
+
        items:
+
        - key:
+
          mode:
+
          path:
+
        optional:
+
        secretName:
+
      storageos:
+
        fsType:
+
        readOnly:
+
        secretRef:
+
          name:
+
        volumeName:
+
        volumeNamespace:
+
      vsphereVolume:
+
        fsType:
+
        storagePolicyID:
+
        storagePolicyName:
+
        volumePath:
+

+
+++++ + +== Operations + +[[Post-api-v1-podtemplates]] +=== Create a PodTemplate +Create a PodTemplate + +==== HTTP request +---- +POST /api/v1/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/podtemplates <<'EOF' +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodTemplate +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplate +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-podtemplates]] +=== Create a PodTemplate in a namespace +Create a PodTemplate + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates <<'EOF' +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodTemplate +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplate +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-podtemplates-name]] +=== Get a PodTemplate in a namespace +Read the specified PodTemplate + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/podtemplates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodTemplate +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplate +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-podtemplates]] +=== Get all PodTemplates +List or watch objects of kind PodTemplate + +==== HTTP request +---- +GET /api/v1/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/podtemplates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-podtemplates]] +=== Get all PodTemplates in a namespace +List or watch objects of kind PodTemplate + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-podtemplates-name]] +=== Watch a PodTemplate in a namespace +Watch changes to an object of kind PodTemplate + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/podtemplates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/podtemplates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodTemplate +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-podtemplates]] +=== Watch all PodTemplates +Watch individual changes to a list of PodTemplate + +==== HTTP request +---- +GET /api/v1/watch/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/podtemplates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-podtemplates]] +=== Watch all PodTemplates in a namespace +Watch individual changes to a list of PodTemplate + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/podtemplates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-podtemplates-name]] +=== Update a PodTemplate in a namespace +Replace the specified PodTemplate + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/podtemplates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates/$NAME <<'EOF' +{ + "kind": "PodTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodTemplate +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodTemplate +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplate +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-podtemplates-name]] +=== Patch a PodTemplate in a namespace +Partially update the specified PodTemplate + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/podtemplates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodTemplate +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodTemplate +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-podtemplates-name]] +=== Delete a PodTemplate in a namespace +Delete a PodTemplate + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/podtemplates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodTemplate +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-podtemplates]] +=== Delete all PodTemplates in a namespace +Delete collection of PodTemplate + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/podtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/podtemplates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.ReplicationController.adoc b/rest_api/api/v1.ReplicationController.adoc new file mode 100644 index 000000000000..de338b48d6ab --- /dev/null +++ b/rest_api/api/v1.ReplicationController.adoc @@ -0,0 +1,2184 @@ += v1.ReplicationController +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ReplicationController represents the configuration of a replication controller. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  replicas:
+
  selector:
+
    [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  availableReplicas:
+
  conditions:
+
  - lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  fullyLabeledReplicas:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+

+
+++++ + +== Operations + +[[Post-api-v1-replicationcontrollers]] +=== Create a ReplicationController +Create a ReplicationController + +==== HTTP request +---- +POST /api/v1/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/replicationcontrollers <<'EOF' +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ReplicationController +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-replicationcontrollers]] +=== Create a ReplicationController in a namespace +Create a ReplicationController + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers <<'EOF' +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ReplicationController +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-replicationcontrollers-name]] +=== Get a ReplicationController in a namespace +Read the specified ReplicationController + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-replicationcontrollers]] +=== Get all ReplicationControllers +List or watch objects of kind ReplicationController + +==== HTTP request +---- +GET /api/v1/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/replicationcontrollers +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationControllerList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-replicationcontrollers]] +=== Get all ReplicationControllers in a namespace +List or watch objects of kind ReplicationController + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationControllerList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-replicationcontrollers-name]] +=== Watch a ReplicationController in a namespace +Watch changes to an object of kind ReplicationController + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/replicationcontrollers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/replicationcontrollers/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-replicationcontrollers]] +=== Watch all ReplicationControllers +Watch individual changes to a list of ReplicationController + +==== HTTP request +---- +GET /api/v1/watch/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/replicationcontrollers +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-replicationcontrollers]] +=== Watch all ReplicationControllers in a namespace +Watch individual changes to a list of ReplicationController + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/replicationcontrollers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-replicationcontrollers-name]] +=== Update a ReplicationController in a namespace +Replace the specified ReplicationController + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME <<'EOF' +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ReplicationController +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-replicationcontrollers-name]] +=== Patch a ReplicationController in a namespace +Partially update the specified ReplicationController + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-replicationcontrollers-name]] +=== Delete a ReplicationController in a namespace +Delete a ReplicationController + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-replicationcontrollers]] +=== Delete all ReplicationControllers in a namespace +Delete collection of ReplicationController + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/replicationcontrollers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Get scale of a ReplicationController in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Get scale of a ReplicationController in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Update scale of a ReplicationController in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "autoscaling/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "autoscaling/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Update scale of a ReplicationController in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Patch scale of a ReplicationController in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-replicationcontrollers-name-scale]] +=== Patch scale of a ReplicationController in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-replicationcontrollers-name-status]] +=== Get status of a ReplicationController in a namespace +Read status of the specified ReplicationController + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-replicationcontrollers-name-status]] +=== Update status of a ReplicationController in a namespace +Replace status of the specified ReplicationController + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status <<'EOF' +{ + "kind": "ReplicationController", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ReplicationController +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-replicationcontrollers-name-status]] +=== Patch status of a ReplicationController in a namespace +Partially update status of the specified ReplicationController + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/replicationcontrollers/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicationController +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ReplicationController +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.ResourceQuota.adoc b/rest_api/api/v1.ResourceQuota.adoc new file mode 100644 index 000000000000..ae25a240ea94 --- /dev/null +++ b/rest_api/api/v1.ResourceQuota.adoc @@ -0,0 +1,1101 @@ += v1.ResourceQuota +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ResourceQuota sets aggregate quota restrictions enforced per namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  hard:
+
    [string]:
+
  scopes:
+
  - [string]:
+
status:
+
  hard:
+
    [string]:
+
  used:
+
    [string]:
+

+
+++++ + +== Operations + +[[Post-api-v1-resourcequotas]] +=== Create a ResourceQuota +Create a ResourceQuota + +==== HTTP request +---- +POST /api/v1/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/resourcequotas <<'EOF' +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-resourcequotas]] +=== Create a ResourceQuota in a namespace +Create a ResourceQuota + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas <<'EOF' +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-resourcequotas-name]] +=== Get a ResourceQuota in a namespace +Read the specified ResourceQuota + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-resourcequotas]] +=== Get all ResourceQuotas +List or watch objects of kind ResourceQuota + +==== HTTP request +---- +GET /api/v1/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/resourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-resourcequotas]] +=== Get all ResourceQuotas in a namespace +List or watch objects of kind ResourceQuota + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-resourcequotas-name]] +=== Watch a ResourceQuota in a namespace +Watch changes to an object of kind ResourceQuota + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/resourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/resourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-resourcequotas]] +=== Watch all ResourceQuotas +Watch individual changes to a list of ResourceQuota + +==== HTTP request +---- +GET /api/v1/watch/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/resourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-resourcequotas]] +=== Watch all ResourceQuotas in a namespace +Watch individual changes to a list of ResourceQuota + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/resourcequotas +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-resourcequotas-name]] +=== Update a ResourceQuota in a namespace +Replace the specified ResourceQuota + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME <<'EOF' +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-resourcequotas-name]] +=== Patch a ResourceQuota in a namespace +Partially update the specified ResourceQuota + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-resourcequotas-name]] +=== Delete a ResourceQuota in a namespace +Delete a ResourceQuota + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-resourcequotas]] +=== Delete all ResourceQuotas in a namespace +Delete collection of ResourceQuota + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/resourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-resourcequotas-name-status]] +=== Get status of a ResourceQuota in a namespace +Read status of the specified ResourceQuota + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-resourcequotas-name-status]] +=== Update status of a ResourceQuota in a namespace +Replace status of the specified ResourceQuota + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status <<'EOF' +{ + "kind": "ResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-resourcequotas-name-status]] +=== Patch status of a ResourceQuota in a namespace +Partially update status of the specified ResourceQuota + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/resourcequotas/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Secret.adoc b/rest_api/api/v1.Secret.adoc new file mode 100644 index 000000000000..4690578af3af --- /dev/null +++ b/rest_api/api/v1.Secret.adoc @@ -0,0 +1,888 @@ += v1.Secret +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
data:
+
  [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
stringData:
+
  [string]:
+
type:
+

+
+++++ + +== Operations + +[[Post-api-v1-secrets]] +=== Create a Secret +Create a Secret + +==== HTTP request +---- +POST /api/v1/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/secrets <<'EOF' +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Secret +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Secret +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-secrets]] +=== Create a Secret in a namespace +Create a Secret + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets <<'EOF' +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Secret +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Secret +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-secrets-name]] +=== Get a Secret in a namespace +Read the specified Secret + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/secrets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Secret +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Secret +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-secrets]] +=== Get all Secrets +List or watch objects of kind Secret + +==== HTTP request +---- +GET /api/v1/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/secrets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecretList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-secrets]] +=== Get all Secrets in a namespace +List or watch objects of kind Secret + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecretList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-secrets-name]] +=== Watch a Secret in a namespace +Watch changes to an object of kind Secret + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/secrets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/secrets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Secret +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-secrets]] +=== Watch all Secrets +Watch individual changes to a list of Secret + +==== HTTP request +---- +GET /api/v1/watch/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/secrets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-secrets]] +=== Watch all Secrets in a namespace +Watch individual changes to a list of Secret + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/secrets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-secrets-name]] +=== Update a Secret in a namespace +Replace the specified Secret + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/secrets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets/$NAME <<'EOF' +{ + "kind": "Secret", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Secret +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Secret +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Secret +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-secrets-name]] +=== Patch a Secret in a namespace +Partially update the specified Secret + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/secrets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Secret +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Secret +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-secrets-name]] +=== Delete a Secret in a namespace +Delete a Secret + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/secrets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Secret +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-secrets]] +=== Delete all Secrets in a namespace +Delete collection of Secret + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.SecurityContextConstraints.adoc b/rest_api/api/v1.SecurityContextConstraints.adoc new file mode 100644 index 000000000000..7c510cb1ac9c --- /dev/null +++ b/rest_api/api/v1.SecurityContextConstraints.adoc @@ -0,0 +1,716 @@ += v1.SecurityContextConstraints +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SecurityContextConstraints governs the ability to make requests that affect the SecurityContext that will be applied to a container. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
allowHostDirVolumePlugin:
+
allowHostIPC:
+
allowHostNetwork:
+
allowHostPID:
+
allowHostPorts:
+
allowPrivilegedContainer:
+
allowedCapabilities:
+
- [string]:
+
apiVersion:
+
defaultAddCapabilities:
+
- [string]:
+
fsGroup:
+
  ranges:
+
  - max:
+
    min:
+
  type:
+
groups:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
priority:
+
readOnlyRootFilesystem:
+
requiredDropCapabilities:
+
- [string]:
+
runAsUser:
+
  type:
+
  uid:
+
  uidRangeMax:
+
  uidRangeMin:
+
seLinuxContext:
+
  seLinuxOptions:
+
    level:
+
    role:
+
    type:
+
    user:
+
  type:
+
seccompProfiles:
+
- [string]:
+
supplementalGroups:
+
  ranges:
+
  - max:
+
    min:
+
  type:
+
users:
+
- [string]:
+
volumes:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-api-v1-securitycontextconstraints]] +=== Create a SecurityContextConstraints +Create SecurityContextConstraints + +==== HTTP request +---- +POST /api/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SecurityContextConstraints", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints <<'EOF' +{ + "kind": "SecurityContextConstraints", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-securitycontextconstraints-name]] +=== Get a SecurityContextConstraints +Read the specified SecurityContextConstraints + +==== HTTP request +---- +GET /api/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-securitycontextconstraints]] +=== Get all SecurityContextConstraints +List or watch objects of kind SecurityContextConstraints + +==== HTTP request +---- +GET /api/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraintsList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-securitycontextconstraints-name]] +=== Watch a SecurityContextConstraints +Watch changes to an object of kind SecurityContextConstraints + +==== HTTP request +---- +GET /api/v1/watch/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/securitycontextconstraints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-securitycontextconstraints]] +=== Watch all SecurityContextConstraints +Watch individual changes to a list of SecurityContextConstraints + +==== HTTP request +---- +GET /api/v1/watch/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-securitycontextconstraints-name]] +=== Update a SecurityContextConstraints +Replace the specified SecurityContextConstraints + +==== HTTP request +---- +PUT /api/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SecurityContextConstraints", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints/$NAME <<'EOF' +{ + "kind": "SecurityContextConstraints", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SecurityContextConstraints +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-securitycontextconstraints-name]] +=== Patch a SecurityContextConstraints +Partially update the specified SecurityContextConstraints + +==== HTTP request +---- +PATCH /api/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-securitycontextconstraints-name]] +=== Delete a SecurityContextConstraints +Delete SecurityContextConstraints + +==== HTTP request +---- +DELETE /api/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-securitycontextconstraints]] +=== Delete all SecurityContextConstraints +Delete collection of SecurityContextConstraints + +==== HTTP request +---- +DELETE /api/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/api/v1.Service.adoc b/rest_api/api/v1.Service.adoc new file mode 100644 index 000000000000..ffb9fbff9761 --- /dev/null +++ b/rest_api/api/v1.Service.adoc @@ -0,0 +1,1781 @@ += v1.Service +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  clusterIP:
+
  externalIPs:
+
  - [string]:
+
  externalName:
+
  externalTrafficPolicy:
+
  healthCheckNodePort:
+
  loadBalancerIP:
+
  loadBalancerSourceRanges:
+
  - [string]:
+
  ports:
+
  - name:
+
    nodePort:
+
    port:
+
    protocol:
+
    targetPort:
+
  selector:
+
    [string]:
+
  sessionAffinity:
+
  type:
+
status:
+
  loadBalancer:
+
    ingress:
+
    - hostname:
+
      ip:
+

+
+++++ + +== Operations + +[[Post-api-v1-services]] +=== Create a Service +Create a Service + +==== HTTP request +---- +POST /api/v1/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Service", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/services <<'EOF' +{ + "kind": "Service", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Service +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-services]] +=== Create a Service in a namespace +Create a Service + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Service", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services <<'EOF' +{ + "kind": "Service", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Service +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-services-name]] +=== Get a Service in a namespace +Read the specified Service + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/services/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-services]] +=== Get all Services +List or watch objects of kind Service + +==== HTTP request +---- +GET /api/v1/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/services +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-services]] +=== Get all Services in a namespace +List or watch objects of kind Service + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-services-name]] +=== Watch a Service in a namespace +Watch changes to an object of kind Service + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/services/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/services/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-services]] +=== Watch all Services +Watch individual changes to a list of Service + +==== HTTP request +---- +GET /api/v1/watch/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/services +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-services]] +=== Watch all Services in a namespace +Watch individual changes to a list of Service + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/services HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/services +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-services-name]] +=== Update a Service in a namespace +Replace the specified Service + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/services/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Service", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME <<'EOF' +{ + "kind": "Service", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Service +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-services-name]] +=== Patch a Service in a namespace +Partially update the specified Service + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/services/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-services-name]] +=== Delete a Service in a namespace +Delete a Service + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/services/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-services-name-status]] +=== Get status of a Service in a namespace +Read status of the specified Service + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/services/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-api-v1-namespaces-namespace-services-name-status]] +=== Update status of a Service in a namespace +Replace status of the specified Service + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/services/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Service", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/status <<'EOF' +{ + "kind": "Service", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Service +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-services-name-status]] +=== Patch status of a Service in a namespace +Partially update status of the specified Service + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/services/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Service +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Options-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy OPTIONS request to a Service in a namespace +Connect OPTIONS requests to proxy of Service + +==== HTTP request +---- +OPTIONS /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy POST request to a Service in a namespace +Connect POST requests to proxy of Service + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy HEAD request to a Service in a namespace +Connect HEAD requests to proxy of Service + +==== HTTP request +---- +HEAD /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy GET request to a Service in a namespace +Connect GET requests to proxy of Service + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy PUT request to a Service in a namespace +Connect PUT requests to proxy of Service + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy PATCH request to a Service in a namespace +Connect PATCH requests to proxy of Service + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-namespaces-namespace-services-name-proxy]] +=== Proxy DELETE request to a Service in a namespace +Connect DELETE requests to proxy of Service + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Options-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy OPTIONS request to a Service in a namespace (with path) +Connect OPTIONS requests to proxy of Service + +==== HTTP request +---- +OPTIONS /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X OPTIONS \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy POST request to a Service in a namespace (with path) +Connect POST requests to proxy of Service + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Head-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy HEAD request to a Service in a namespace (with path) +Connect HEAD requests to proxy of Service + +==== HTTP request +---- +HEAD /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X HEAD \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Get-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy GET request to a Service in a namespace (with path) +Connect GET requests to proxy of Service + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Put-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy PUT request to a Service in a namespace (with path) +Connect PUT requests to proxy of Service + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Patch-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy PATCH request to a Service in a namespace (with path) +Connect PATCH requests to proxy of Service + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Delete-api-v1-namespaces-namespace-services-name-proxy-path]] +=== Proxy DELETE request to a Service in a namespace (with path) +Connect DELETE requests to proxy of Service + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/services/$NAME/proxy/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Service +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + + diff --git a/rest_api/api/v1.ServiceAccount.adoc b/rest_api/api/v1.ServiceAccount.adoc new file mode 100644 index 000000000000..f507bbcdf659 --- /dev/null +++ b/rest_api/api/v1.ServiceAccount.adoc @@ -0,0 +1,894 @@ += v1.ServiceAccount +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
automountServiceAccountToken:
+
imagePullSecrets:
+
- name:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
secrets:
+
- apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-api-v1-serviceaccounts]] +=== Create a ServiceAccount +Create a ServiceAccount + +==== HTTP request +---- +POST /api/v1/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/serviceaccounts <<'EOF' +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ServiceAccount +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccount +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-api-v1-namespaces-namespace-serviceaccounts]] +=== Create a ServiceAccount in a namespace +Create a ServiceAccount + +==== HTTP request +---- +POST /api/v1/namespaces/$NAMESPACE/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts <<'EOF' +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ServiceAccount +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccount +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-namespaces-namespace-serviceaccounts-name]] +=== Get a ServiceAccount in a namespace +Read the specified ServiceAccount + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ServiceAccount +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccount +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-api-v1-serviceaccounts]] +=== Get all ServiceAccounts +List or watch objects of kind ServiceAccount + +==== HTTP request +---- +GET /api/v1/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/serviceaccounts +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccountList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-namespaces-namespace-serviceaccounts]] +=== Get all ServiceAccounts in a namespace +List or watch objects of kind ServiceAccount + +==== HTTP request +---- +GET /api/v1/namespaces/$NAMESPACE/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccountList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-serviceaccounts-name]] +=== Watch a ServiceAccount in a namespace +Watch changes to an object of kind ServiceAccount + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/serviceaccounts/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/serviceaccounts/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ServiceAccount +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-serviceaccounts]] +=== Watch all ServiceAccounts +Watch individual changes to a list of ServiceAccount + +==== HTTP request +---- +GET /api/v1/watch/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/serviceaccounts +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-api-v1-watch-namespaces-namespace-serviceaccounts]] +=== Watch all ServiceAccounts in a namespace +Watch individual changes to a list of ServiceAccount + +==== HTTP request +---- +GET /api/v1/watch/namespaces/$NAMESPACE/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/watch/namespaces/$NAMESPACE/serviceaccounts +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-api-v1-namespaces-namespace-serviceaccounts-name]] +=== Update a ServiceAccount in a namespace +Replace the specified ServiceAccount + +==== HTTP request +---- +PUT /api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME <<'EOF' +{ + "kind": "ServiceAccount", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ServiceAccount +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ServiceAccount +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccount +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-api-v1-namespaces-namespace-serviceaccounts-name]] +=== Patch a ServiceAccount in a namespace +Partially update the specified ServiceAccount + +==== HTTP request +---- +PATCH /api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ServiceAccount +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ServiceAccount +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-serviceaccounts-name]] +=== Delete a ServiceAccount in a namespace +Delete a ServiceAccount + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ServiceAccount +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-api-v1-namespaces-namespace-serviceaccounts]] +=== Delete all ServiceAccounts in a namespace +Delete collection of ServiceAccount + +==== HTTP request +---- +DELETE /api/v1/namespaces/$NAMESPACE/serviceaccounts HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/serviceaccounts +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-apps.openshift.io/v1.DeploymentConfig.adoc b/rest_api/apis-apps.openshift.io/v1.DeploymentConfig.adoc new file mode 100644 index 000000000000..70cd25af5d88 --- /dev/null +++ b/rest_api/apis-apps.openshift.io/v1.DeploymentConfig.adoc @@ -0,0 +1,2467 @@ += v1.DeploymentConfig +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Deployment Configs define the template for a pod and manages deploying new images or configuration changes. A single deployment configuration is usually analogous to a single micro-service. Can support many different deployment patterns, including full restart, customizable rolling updates, and fully custom behaviors, as well as pre- and post- deployment hooks. Each individual deployment is represented as a replication controller. + +A deployment is "triggered" when its configuration is changed or a tag in an Image Stream is changed. Triggers can be disabled to allow manual control over a deployment. The "strategy" determines how the deployment is carried out and may be changed at any time. The `latestVersion` field is updated when a new deployment is triggered by any means. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  paused:
+
  replicas:
+
  revisionHistoryLimit:
+
  selector:
+
    [string]:
+
  strategy:
+
    activeDeadlineSeconds:
+
    annotations:
+
      [string]:
+
    customParams:
+
      command:
+
      - [string]:
+
      environment:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      image:
+
    labels:
+
      [string]:
+
    recreateParams:
+
      mid:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      post:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      pre:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      timeoutSeconds:
+
    resources:
+
      limits:
+
        [string]:
+
      requests:
+
        [string]:
+
    rollingParams:
+
      intervalSeconds:
+
      maxSurge:
+
      maxUnavailable:
+
      post:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      pre:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      timeoutSeconds:
+
      updatePeriodSeconds:
+
    type:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  test:
+
  triggers:
+
  - imageChangeParams:
+
  -   automatic:
+
      containerNames:
+
      - [string]:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      lastTriggeredImage:
+
    type:
+
status:
+
  availableReplicas:
+
  conditions:
+
  - lastTransitionTime:
+
    lastUpdateTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  details:
+
    causes:
+
    - imageTrigger:
+
    -   from:
+
    -     apiVersion:
+
          fieldPath:
+
          kind:
+
          name:
+
          namespace:
+
          resourceVersion:
+
          uid:
+
      type:
+
    message:
+
  latestVersion:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+
  unavailableReplicas:
+
  updatedReplicas:
+

+
+++++ + +== Operations + +[[Post-apis-apps.openshift.io-v1-deploymentconfigs]] +=== Create a DeploymentConfig +Create a DeploymentConfig + +==== HTTP request +---- +POST /apis/apps.openshift.io/v1/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/deploymentconfigs <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs]] +=== Create a DeploymentConfig in a namespace +Create a DeploymentConfig + +==== HTTP request +---- +POST /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name]] +=== Get a DeploymentConfig in a namespace +Read the specified DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1-deploymentconfigs]] +=== Get all DeploymentConfigs +List or watch objects of kind DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/deploymentconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs]] +=== Get all DeploymentConfigs in a namespace +List or watch objects of kind DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps.openshift.io-v1-watch-namespaces-namespace-deploymentconfigs-name]] +=== Watch a DeploymentConfig in a namespace +Watch changes to an object of kind DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/watch/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/watch/namespaces/$NAMESPACE/deploymentconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps.openshift.io-v1-watch-deploymentconfigs]] +=== Watch all DeploymentConfigs +Watch individual changes to a list of DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/watch/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/watch/deploymentconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps.openshift.io-v1-watch-namespaces-namespace-deploymentconfigs]] +=== Watch all DeploymentConfigs in a namespace +Watch individual changes to a list of DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/watch/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/watch/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name]] +=== Update a DeploymentConfig in a namespace +Replace the specified DeploymentConfig + +==== HTTP request +---- +PUT /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name]] +=== Patch a DeploymentConfig in a namespace +Partially update the specified DeploymentConfig + +==== HTTP request +---- +PATCH /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name]] +=== Delete a DeploymentConfig in a namespace +Delete a DeploymentConfig + +==== HTTP request +---- +DELETE /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs]] +=== Delete all DeploymentConfigs in a namespace +Delete collection of DeploymentConfig + +==== HTTP request +---- +DELETE /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-instantiate]] +=== Create instantiate of a DeploymentConfig in a namespace +Create instantiate of a DeploymentRequest + +==== HTTP request +---- +POST /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/instantiate HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentRequest", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/instantiate <<'EOF' +{ + "kind": "DeploymentRequest", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-log]] +=== Get log of a DeploymentConfig in a namespace +Read log of the specified DeploymentLog + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/log HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/log +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentLog +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|The container for which to stream logs. Defaults to only container if there is one container in the pod. +|follow|Follow if true indicates that the build log should be streamed until the build terminates. +|limitBytes|If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit. +|nowait|NoWait if true causes the call to return immediately even if the deployment is not available yet. Otherwise the server will wait until the deployment has started. +|pretty|If 'true', then the output is pretty printed. +|previous|Return previous deployment logs. Defaults to false. +|sinceSeconds|A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified. +|tailLines|If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime +|timestamps|If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false. +|version|Version of the deployment for which to view logs. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentLog +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-rollback]] +=== Create rollback of a DeploymentConfig in a namespace +Create rollback of a DeploymentConfigRollback + +==== HTTP request +---- +POST /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/rollback HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/rollback <<'EOF' +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfigRollback +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfigRollback +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Get scale of a DeploymentConfig in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Update scale of a DeploymentConfig in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Patch scale of a DeploymentConfig in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Get status of a DeploymentConfig in a namespace +Read status of the specified DeploymentConfig + +==== HTTP request +---- +GET /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Update status of a DeploymentConfig in a namespace +Replace status of the specified DeploymentConfig + +==== HTTP request +---- +PUT /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "apps.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps.openshift.io-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Patch status of a DeploymentConfig in a namespace +Partially update status of the specified DeploymentConfig + +==== HTTP request +---- +PATCH /apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps.openshift.io/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-apps/v1beta1.ControllerRevision.adoc b/rest_api/apis-apps/v1beta1.ControllerRevision.adoc new file mode 100644 index 000000000000..b1baa31cbb7c --- /dev/null +++ b/rest_api/apis-apps/v1beta1.ControllerRevision.adoc @@ -0,0 +1,886 @@ += v1beta1.ControllerRevision +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
data:
+
  Raw:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
revision:
+

+
+++++ + +== Operations + +[[Post-apis-apps-v1beta1-controllerrevisions]] +=== Create a ControllerRevision +Create a ControllerRevision + +==== HTTP request +---- +POST /apis/apps/v1beta1/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/controllerrevisions <<'EOF' +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ControllerRevision +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevision +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps-v1beta1-namespaces-namespace-controllerrevisions]] +=== Create a ControllerRevision in a namespace +Create a ControllerRevision + +==== HTTP request +---- +POST /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions <<'EOF' +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ControllerRevision +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevision +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-controllerrevisions-name]] +=== Get a ControllerRevision in a namespace +Read the specified ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ControllerRevision +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevision +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-controllerrevisions]] +=== Get all ControllerRevisions +List or watch objects of kind ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/controllerrevisions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevisionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-namespaces-namespace-controllerrevisions]] +=== Get all ControllerRevisions in a namespace +List or watch objects of kind ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevisionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-controllerrevisions-name]] +=== Watch a ControllerRevision in a namespace +Watch changes to an object of kind ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/controllerrevisions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/controllerrevisions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ControllerRevision +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-controllerrevisions]] +=== Watch all ControllerRevisions +Watch individual changes to a list of ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/controllerrevisions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-controllerrevisions]] +=== Watch all ControllerRevisions in a namespace +Watch individual changes to a list of ControllerRevision + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/controllerrevisions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-apps-v1beta1-namespaces-namespace-controllerrevisions-name]] +=== Update a ControllerRevision in a namespace +Replace the specified ControllerRevision + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME <<'EOF' +{ + "kind": "ControllerRevision", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ControllerRevision +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ControllerRevision +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevision +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-controllerrevisions-name]] +=== Patch a ControllerRevision in a namespace +Partially update the specified ControllerRevision + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ControllerRevision +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ControllerRevision +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-controllerrevisions-name]] +=== Delete a ControllerRevision in a namespace +Delete a ControllerRevision + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ControllerRevision +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-controllerrevisions]] +=== Delete all ControllerRevisions in a namespace +Delete collection of ControllerRevision + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/controllerrevisions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-apps/v1beta1.Deployment.adoc b/rest_api/apis-apps/v1beta1.Deployment.adoc new file mode 100644 index 000000000000..11664cbe7eb6 --- /dev/null +++ b/rest_api/apis-apps/v1beta1.Deployment.adoc @@ -0,0 +1,2073 @@ += v1beta1.Deployment +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Deployment enables declarative updates for Pods and ReplicaSets. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  paused:
+
  progressDeadlineSeconds:
+
  replicas:
+
  revisionHistoryLimit:
+
  rollbackTo:
+
    revision:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  strategy:
+
    rollingUpdate:
+
      maxSurge:
+
      maxUnavailable:
+
    type:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  availableReplicas:
+
  collisionCount:
+
  conditions:
+
  - lastTransitionTime:
+
    lastUpdateTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+
  unavailableReplicas:
+
  updatedReplicas:
+

+
+++++ + +== Operations + +[[Post-apis-apps-v1beta1-deployments]] +=== Create a Deployment +Create a Deployment + +==== HTTP request +---- +POST /apis/apps/v1beta1/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/deployments <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps-v1beta1-namespaces-namespace-deployments]] +=== Create a Deployment in a namespace +Create a Deployment + +==== HTTP request +---- +POST /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-deployments-name]] +=== Get a Deployment in a namespace +Read the specified Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-deployments]] +=== Get all Deployments +List or watch objects of kind Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/deployments +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-namespaces-namespace-deployments]] +=== Get all Deployments in a namespace +List or watch objects of kind Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-deployments-name]] +=== Watch a Deployment in a namespace +Watch changes to an object of kind Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/deployments/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-deployments]] +=== Watch all Deployments +Watch individual changes to a list of Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/deployments +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-deployments]] +=== Watch all Deployments in a namespace +Watch individual changes to a list of Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-apps-v1beta1-namespaces-namespace-deployments-name]] +=== Update a Deployment in a namespace +Replace the specified Deployment + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-deployments-name]] +=== Patch a Deployment in a namespace +Partially update the specified Deployment + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-deployments-name]] +=== Delete a Deployment in a namespace +Delete a Deployment + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-deployments]] +=== Delete all Deployments in a namespace +Delete collection of Deployment + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps-v1beta1-namespaces-namespace-deployments-name-rollback]] +=== Create rollback of a Deployment in a namespace +Create rollback of a DeploymentRollback + +==== HTTP request +---- +POST /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/rollback HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentRollback", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/rollback <<'EOF' +{ + "kind": "DeploymentRollback", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DeploymentRollback +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentRollback +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Get scale of a Deployment in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-apps-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Update scale of a Deployment in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Patch scale of a Deployment in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-deployments-name-status]] +=== Get status of a Deployment in a namespace +Read status of the specified Deployment + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-apps-v1beta1-namespaces-namespace-deployments-name-status]] +=== Update status of a Deployment in a namespace +Replace status of the specified Deployment + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-deployments-name-status]] +=== Patch status of a Deployment in a namespace +Partially update status of the specified Deployment + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-apps/v1beta1.StatefulSet.adoc b/rest_api/apis-apps/v1beta1.StatefulSet.adoc new file mode 100644 index 000000000000..9dded7b1d085 --- /dev/null +++ b/rest_api/apis-apps/v1beta1.StatefulSet.adoc @@ -0,0 +1,1874 @@ += v1beta1.StatefulSet +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +StatefulSet represents a set of pods with consistent identities. Identities are defined as: + - Network: A single stable DNS and hostname. + - Storage: As many VolumeClaims as requested. +The StatefulSet guarantees that a given network identity will always map to the same storage identity. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  podManagementPolicy:
+
  replicas:
+
  revisionHistoryLimit:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  serviceName:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  updateStrategy:
+
    rollingUpdate:
+
      partition:
+
    type:
+
  volumeClaimTemplates:
+
  - apiVersion:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      accessModes:
+
      - [string]:
+
      resources:
+
        limits:
+
          [string]:
+
        requests:
+
          [string]:
+
      selector:
+
        matchExpressions:
+
        - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
      storageClassName:
+
      volumeName:
+
    status:
+
      accessModes:
+
      - [string]:
+
      capacity:
+
        [string]:
+
      phase:
+
status:
+
  currentReplicas:
+
  currentRevision:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+
  updateRevision:
+
  updatedReplicas:
+

+
+++++ + +== Operations + +[[Post-apis-apps-v1beta1-statefulsets]] +=== Create a StatefulSet +Create a StatefulSet + +==== HTTP request +---- +POST /apis/apps/v1beta1/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/statefulsets <<'EOF' +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StatefulSet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-apps-v1beta1-namespaces-namespace-statefulsets]] +=== Create a StatefulSet in a namespace +Create a StatefulSet + +==== HTTP request +---- +POST /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets <<'EOF' +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StatefulSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-statefulsets-name]] +=== Get a StatefulSet in a namespace +Read the specified StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-statefulsets]] +=== Get all StatefulSets +List or watch objects of kind StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/statefulsets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-namespaces-namespace-statefulsets]] +=== Get all StatefulSets in a namespace +List or watch objects of kind StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-statefulsets-name]] +=== Watch a StatefulSet in a namespace +Watch changes to an object of kind StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/statefulsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/statefulsets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-statefulsets]] +=== Watch all StatefulSets +Watch individual changes to a list of StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/statefulsets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-apps-v1beta1-watch-namespaces-namespace-statefulsets]] +=== Watch all StatefulSets in a namespace +Watch individual changes to a list of StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/watch/namespaces/$NAMESPACE/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/watch/namespaces/$NAMESPACE/statefulsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-apps-v1beta1-namespaces-namespace-statefulsets-name]] +=== Update a StatefulSet in a namespace +Replace the specified StatefulSet + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME <<'EOF' +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StatefulSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-statefulsets-name]] +=== Patch a StatefulSet in a namespace +Partially update the specified StatefulSet + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-statefulsets-name]] +=== Delete a StatefulSet in a namespace +Delete a StatefulSet + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-apps-v1beta1-namespaces-namespace-statefulsets]] +=== Delete all StatefulSets in a namespace +Delete collection of StatefulSet + +==== HTTP request +---- +DELETE /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps-v1beta1-namespaces-namespace-statefulsets-name-status]] +=== Get status of a StatefulSet in a namespace +Read status of the specified StatefulSet + +==== HTTP request +---- +GET /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-apps-v1beta1-namespaces-namespace-statefulsets-name-status]] +=== Update status of a StatefulSet in a namespace +Replace status of the specified StatefulSet + +==== HTTP request +---- +PUT /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status <<'EOF' +{ + "kind": "StatefulSet", + "apiVersion": "apps/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StatefulSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-apps-v1beta1-namespaces-namespace-statefulsets-name-status]] +=== Patch status of a StatefulSet in a namespace +Partially update status of the specified StatefulSet + +==== HTTP request +---- +PATCH /apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/apps/v1beta1/namespaces/$NAMESPACE/statefulsets/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StatefulSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StatefulSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authentication.k8s.io/v1.TokenReview.adoc b/rest_api/apis-authentication.k8s.io/v1.TokenReview.adoc new file mode 100644 index 000000000000..fc45b7c2c223 --- /dev/null +++ b/rest_api/apis-authentication.k8s.io/v1.TokenReview.adoc @@ -0,0 +1,179 @@ += v1.TokenReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  token:
+
status:
+
  authenticated:
+
  error:
+
  user:
+
    extra:
+
      [string]:
+
    groups:
+
    - [string]:
+
    uid:
+
    username:
+

+
+++++ + +== Operations + +[[Post-apis-authentication.k8s.io-v1-tokenreviews]] +=== Create a TokenReview +Create a TokenReview + +==== HTTP request +---- +POST /apis/authentication.k8s.io/v1/tokenreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authentication.k8s.io/v1/tokenreviews <<'EOF' +{ + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.TokenReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TokenReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authentication.k8s.io/v1beta1.TokenReview.adoc b/rest_api/apis-authentication.k8s.io/v1beta1.TokenReview.adoc new file mode 100644 index 000000000000..3ead228a4c24 --- /dev/null +++ b/rest_api/apis-authentication.k8s.io/v1beta1.TokenReview.adoc @@ -0,0 +1,179 @@ += v1beta1.TokenReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  token:
+
status:
+
  authenticated:
+
  error:
+
  user:
+
    extra:
+
      [string]:
+
    groups:
+
    - [string]:
+
    uid:
+
    username:
+

+
+++++ + +== Operations + +[[Post-apis-authentication.k8s.io-v1beta1-tokenreviews]] +=== Create a TokenReview +Create a TokenReview + +==== HTTP request +---- +POST /apis/authentication.k8s.io/v1beta1/tokenreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authentication.k8s.io/v1beta1/tokenreviews <<'EOF' +{ + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.TokenReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.TokenReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1.LocalSubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1.LocalSubjectAccessReview.adoc new file mode 100644 index 000000000000..eb1419422528 --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1.LocalSubjectAccessReview.adoc @@ -0,0 +1,265 @@ += v1.LocalSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  extra:
+
    [string]:
+
  groups:
+
  - [string]:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
  user:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.k8s.io-v1-namespaces-namespace-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview in a namespace +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1/namespaces/$NAMESPACE/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1/namespaces/$NAMESPACE/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1.SelfSubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1.SelfSubjectAccessReview.adoc new file mode 100644 index 000000000000..36ad182adfc2 --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1.SelfSubjectAccessReview.adoc @@ -0,0 +1,183 @@ += v1.SelfSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means "in all namespaces". Self is a special case, because users should always be able to check whether they can perform an action + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1-selfsubjectaccessreviews]] +=== Create a SelfSubjectAccessReview +Create a SelfSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1/selfsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1/selfsubjectaccessreviews <<'EOF' +{ + "kind": "SelfSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SelfSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SelfSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1.SubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1.SubjectAccessReview.adoc new file mode 100644 index 000000000000..5db024ec5e5d --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1.SubjectAccessReview.adoc @@ -0,0 +1,188 @@ += v1.SubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectAccessReview checks whether or not a user or group can perform an action. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  extra:
+
    [string]:
+
  groups:
+
  - [string]:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
  user:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1-subjectaccessreviews]] +=== Create a SubjectAccessReview +Create a SubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1/subjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1/subjectaccessreviews <<'EOF' +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1beta1.LocalSubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1beta1.LocalSubjectAccessReview.adoc new file mode 100644 index 000000000000..382b03363e29 --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1beta1.LocalSubjectAccessReview.adoc @@ -0,0 +1,265 @@ += v1beta1.LocalSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  extra:
+
    [string]:
+
  group:
+
  - [string]:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
  user:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1beta1-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1beta1/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.LocalSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.k8s.io-v1beta1-namespaces-namespace-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview in a namespace +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.LocalSubjectAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1beta1.SelfSubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1beta1.SelfSubjectAccessReview.adoc new file mode 100644 index 000000000000..69a11cd203e9 --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1beta1.SelfSubjectAccessReview.adoc @@ -0,0 +1,183 @@ += v1beta1.SelfSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means "in all namespaces". Self is a special case, because users should always be able to check whether they can perform an action + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1beta1-selfsubjectaccessreviews]] +=== Create a SelfSubjectAccessReview +Create a SelfSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews <<'EOF' +{ + "kind": "SelfSubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.SelfSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.SelfSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.k8s.io/v1beta1.SubjectAccessReview.adoc b/rest_api/apis-authorization.k8s.io/v1beta1.SubjectAccessReview.adoc new file mode 100644 index 000000000000..0e6501e5e5ba --- /dev/null +++ b/rest_api/apis-authorization.k8s.io/v1beta1.SubjectAccessReview.adoc @@ -0,0 +1,188 @@ += v1beta1.SubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectAccessReview checks whether or not a user or group can perform an action. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  extra:
+
    [string]:
+
  group:
+
  - [string]:
+
  nonResourceAttributes:
+
    path:
+
    verb:
+
  resourceAttributes:
+
    group:
+
    name:
+
    namespace:
+
    resource:
+
    subresource:
+
    verb:
+
    version:
+
  user:
+
status:
+
  allowed:
+
  evaluationError:
+
  reason:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.k8s.io-v1beta1-subjectaccessreviews]] +=== Create a SubjectAccessReview +Create a SubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.k8s.io/v1beta1/subjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/subjectaccessreviews <<'EOF' +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.SubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.SubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.ClusterRole.adoc b/rest_api/apis-authorization.openshift.io/v1.ClusterRole.adoc new file mode 100644 index 000000000000..a091d23efbb7 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.ClusterRole.adoc @@ -0,0 +1,515 @@ += v1.ClusterRole +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRole is a logical grouping of PolicyRules that can be referenced as a unit by ClusterRoleBindings. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  attributeRestrictions:
+
    Raw:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-clusterroles]] +=== Create a ClusterRole +Create a ClusterRole + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-clusterroles-name]] +=== Get a ClusterRole +Read the specified ClusterRole + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-clusterroles]] +=== Get all ClusterRoles +List objects of kind ClusterRole + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-authorization.openshift.io-v1-clusterroles-name]] +=== Update a ClusterRole +Replace the specified ClusterRole + +==== HTTP request +---- +PUT /apis/authorization.openshift.io/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles/$NAME <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRole +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-authorization.openshift.io-v1-clusterroles-name]] +=== Patch a ClusterRole +Partially update the specified ClusterRole + +==== HTTP request +---- +PATCH /apis/authorization.openshift.io/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-clusterroles-name]] +=== Delete a ClusterRole +Delete a ClusterRole + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.ClusterRoleBinding.adoc b/rest_api/apis-authorization.openshift.io/v1.ClusterRoleBinding.adoc new file mode 100644 index 000000000000..c3e384436bbd --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.ClusterRoleBinding.adoc @@ -0,0 +1,522 @@ += v1.ClusterRoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRoleBinding references a ClusterRole, but not contain it. It can reference any ClusterRole in the same namespace or in the global namespace. It adds who information via (Users and Groups) OR Subjects and namespace information by which namespace it exists in. ClusterRoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces). + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groupNames:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
subjects:
+
- apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
userNames:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-clusterrolebindings]] +=== Create a ClusterRoleBinding +Create a ClusterRoleBinding + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-clusterrolebindings-name]] +=== Get a ClusterRoleBinding +Read the specified ClusterRoleBinding + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-clusterrolebindings]] +=== Get all ClusterRoleBindings +List objects of kind ClusterRoleBinding + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-authorization.openshift.io-v1-clusterrolebindings-name]] +=== Update a ClusterRoleBinding +Replace the specified ClusterRoleBinding + +==== HTTP request +---- +PUT /apis/authorization.openshift.io/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings/$NAME <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-authorization.openshift.io-v1-clusterrolebindings-name]] +=== Patch a ClusterRoleBinding +Partially update the specified ClusterRoleBinding + +==== HTTP request +---- +PATCH /apis/authorization.openshift.io/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-clusterrolebindings-name]] +=== Delete a ClusterRoleBinding +Delete a ClusterRoleBinding + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.LocalResourceAccessReview.adoc b/rest_api/apis-authorization.openshift.io/v1.LocalResourceAccessReview.adoc new file mode 100644 index 000000000000..27695dcba4d4 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.LocalResourceAccessReview.adoc @@ -0,0 +1,186 @@ += v1.LocalResourceAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
verb:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-localresourceaccessreviews]] +=== Create a LocalResourceAccessReview +Create a LocalResourceAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/localresourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/localresourceaccessreviews <<'EOF' +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalResourceAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-localresourceaccessreviews]] +=== Create a LocalResourceAccessReview in a namespace +Create a LocalResourceAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/localresourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/localresourceaccessreviews <<'EOF' +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalResourceAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.LocalSubjectAccessReview.adoc b/rest_api/apis-authorization.openshift.io/v1.LocalSubjectAccessReview.adoc new file mode 100644 index 000000000000..ba499339db12 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.LocalSubjectAccessReview.adoc @@ -0,0 +1,191 @@ += v1.LocalSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
groups:
+
- [string]:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
scopes:
+
- [string]:
+
user:
+
verb:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview in a namespace +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.ResourceAccessReview.adoc b/rest_api/apis-authorization.openshift.io/v1.ResourceAccessReview.adoc new file mode 100644 index 000000000000..123ca44370c1 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.ResourceAccessReview.adoc @@ -0,0 +1,109 @@ += v1.ResourceAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
verb:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-resourceaccessreviews]] +=== Create a ResourceAccessReview +Create a ResourceAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/resourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/resourceaccessreviews <<'EOF' +{ + "kind": "ResourceAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.Role.adoc b/rest_api/apis-authorization.openshift.io/v1.Role.adoc new file mode 100644 index 000000000000..6d0c9f99c372 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.Role.adoc @@ -0,0 +1,657 @@ += v1.Role +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Role is a logical grouping of PolicyRules that can be referenced as a unit by RoleBindings. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  attributeRestrictions:
+
    Raw:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-roles]] +=== Create a Role +Create a Role + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-roles]] +=== Create a Role in a namespace +Create a Role + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-roles-name]] +=== Get a Role in a namespace +Read the specified Role + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-roles]] +=== Get all Roles +List objects of kind Role + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/roles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-roles]] +=== Get all Roles in a namespace +List objects of kind Role + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-authorization.openshift.io-v1-namespaces-namespace-roles-name]] +=== Update a Role in a namespace +Replace the specified Role + +==== HTTP request +---- +PUT /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + "kind": "Role", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-authorization.openshift.io-v1-namespaces-namespace-roles-name]] +=== Patch a Role in a namespace +Partially update the specified Role + +==== HTTP request +---- +PATCH /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-namespaces-namespace-roles-name]] +=== Delete a Role in a namespace +Delete a Role + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.RoleBinding.adoc b/rest_api/apis-authorization.openshift.io/v1.RoleBinding.adoc new file mode 100644 index 000000000000..a53775e8341e --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.RoleBinding.adoc @@ -0,0 +1,664 @@ += v1.RoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +RoleBinding references a Role, but not contain it. It can reference any Role in the same namespace or in the global namespace. It adds who information via (Users and Groups) OR Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces). + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groupNames:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
subjects:
+
- apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
userNames:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-rolebindings]] +=== Create a RoleBinding +Create a RoleBinding + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings]] +=== Create a RoleBinding in a namespace +Create a RoleBinding + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings-name]] +=== Get a RoleBinding in a namespace +Read the specified RoleBinding + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-rolebindings]] +=== Get all RoleBindings +List objects of kind RoleBinding + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/rolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings]] +=== Get all RoleBindings in a namespace +List objects of kind RoleBinding + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings-name]] +=== Update a RoleBinding in a namespace +Replace the specified RoleBinding + +==== HTTP request +---- +PUT /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings-name]] +=== Patch a RoleBinding in a namespace +Partially update the specified RoleBinding + +==== HTTP request +---- +PATCH /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindings-name]] +=== Delete a RoleBinding in a namespace +Delete a RoleBinding + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.RoleBindingRestriction.adoc b/rest_api/apis-authorization.openshift.io/v1.RoleBindingRestriction.adoc new file mode 100644 index 000000000000..ed4a3ce8d384 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.RoleBindingRestriction.adoc @@ -0,0 +1,914 @@ += v1.RoleBindingRestriction +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +RoleBindingRestriction is an object that can be matched against a subject (user, group, or service account) to determine whether rolebindings on that subject are allowed in the namespace to which the RoleBindingRestriction belongs. If any one of those RoleBindingRestriction objects matches a subject, rolebindings on that subject in the namespace are allowed. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  grouprestriction:
+
    groups:
+
    - [string]:
+
    labels:
+
    - matchExpressions:
+
    - - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
  serviceaccountrestriction:
+
    namespaces:
+
    - [string]:
+
    serviceaccounts:
+
    - name:
+
      namespace:
+
  userrestriction:
+
    groups:
+
    - [string]:
+
    labels:
+
    - matchExpressions:
+
    - - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
    users:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-rolebindingrestrictions]] +=== Create a RoleBindingRestriction +Create a RoleBindingRestriction + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/rolebindingrestrictions <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions]] +=== Create a RoleBindingRestriction in a namespace +Create a RoleBindingRestriction + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Get a RoleBindingRestriction in a namespace +Read the specified RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io-v1-rolebindingrestrictions]] +=== Get all RoleBindingRestrictions +List or watch objects of kind RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/rolebindingrestrictions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestrictionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions]] +=== Get all RoleBindingRestrictions in a namespace +List or watch objects of kind RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestrictionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-watch-namespaces-namespace-rolebindingrestrictions-name]] +=== Watch a RoleBindingRestriction in a namespace +Watch changes to an object of kind RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-watch-rolebindingrestrictions]] +=== Watch all RoleBindingRestrictions +Watch individual changes to a list of RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/watch/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/watch/rolebindingrestrictions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-authorization.openshift.io-v1-watch-namespaces-namespace-rolebindingrestrictions]] +=== Watch all RoleBindingRestrictions in a namespace +Watch individual changes to a list of RoleBindingRestriction + +==== HTTP request +---- +GET /apis/authorization.openshift.io/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Update a RoleBindingRestriction in a namespace +Replace the specified RoleBindingRestriction + +==== HTTP request +---- +PUT /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Patch a RoleBindingRestriction in a namespace +Partially update the specified RoleBindingRestriction + +==== HTTP request +---- +PATCH /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Delete a RoleBindingRestriction in a namespace +Delete a RoleBindingRestriction + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-authorization.openshift.io-v1-namespaces-namespace-rolebindingrestrictions]] +=== Delete all RoleBindingRestrictions in a namespace +Delete collection of RoleBindingRestriction + +==== HTTP request +---- +DELETE /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.SelfSubjectRulesReview.adoc b/rest_api/apis-authorization.openshift.io/v1.SelfSubjectRulesReview.adoc new file mode 100644 index 000000000000..6715b0c6b3f9 --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.SelfSubjectRulesReview.adoc @@ -0,0 +1,194 @@ += v1.SelfSubjectRulesReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  scopes:
+
  - [string]:
+
status:
+
  evaluationError:
+
  rules:
+
  - apiGroups:
+
  - - [string]:
+
    attributeRestrictions:
+
      Raw:
+
    nonResourceURLs:
+
    - [string]:
+
    resourceNames:
+
    - [string]:
+
    resources:
+
    - [string]:
+
    verbs:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-selfsubjectrulesreviews]] +=== Create a SelfSubjectRulesReview +Create a SelfSubjectRulesReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/selfsubjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/selfsubjectrulesreviews <<'EOF' +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SelfSubjectRulesReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SelfSubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-selfsubjectrulesreviews]] +=== Create a SelfSubjectRulesReview in a namespace +Create a SelfSubjectRulesReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/selfsubjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/selfsubjectrulesreviews <<'EOF' +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SelfSubjectRulesReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SelfSubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.SubjectAccessReview.adoc b/rest_api/apis-authorization.openshift.io/v1.SubjectAccessReview.adoc new file mode 100644 index 000000000000..2a4a322ce95f --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.SubjectAccessReview.adoc @@ -0,0 +1,114 @@ += v1.SubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectAccessReview is an object for requesting information about whether a user or group can perform an action + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
groups:
+
- [string]:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
scopes:
+
- [string]:
+
user:
+
verb:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-subjectaccessreviews]] +=== Create a SubjectAccessReview +Create a SubjectAccessReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/subjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/subjectaccessreviews <<'EOF' +{ + "kind": "SubjectAccessReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-authorization.openshift.io/v1.SubjectRulesReview.adoc b/rest_api/apis-authorization.openshift.io/v1.SubjectRulesReview.adoc new file mode 100644 index 000000000000..18f17348194d --- /dev/null +++ b/rest_api/apis-authorization.openshift.io/v1.SubjectRulesReview.adoc @@ -0,0 +1,197 @@ += v1.SubjectRulesReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  groups:
+
  - [string]:
+
  scopes:
+
  - [string]:
+
  user:
+
status:
+
  evaluationError:
+
  rules:
+
  - apiGroups:
+
  - - [string]:
+
    attributeRestrictions:
+
      Raw:
+
    nonResourceURLs:
+
    - [string]:
+
    resourceNames:
+
    - [string]:
+
    resources:
+
    - [string]:
+
    verbs:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-authorization.openshift.io-v1-subjectrulesreviews]] +=== Create a SubjectRulesReview +Create a SubjectRulesReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/subjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/subjectrulesreviews <<'EOF' +{ + "kind": "SubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectRulesReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-authorization.openshift.io-v1-namespaces-namespace-subjectrulesreviews]] +=== Create a SubjectRulesReview in a namespace +Create a SubjectRulesReview + +==== HTTP request +---- +POST /apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/subjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/v1/namespaces/$NAMESPACE/subjectrulesreviews <<'EOF' +{ + "kind": "SubjectRulesReview", + "apiVersion": "authorization.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectRulesReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-autoscaling/v1.HorizontalPodAutoscaler.adoc b/rest_api/apis-autoscaling/v1.HorizontalPodAutoscaler.adoc new file mode 100644 index 000000000000..4fc0527a6698 --- /dev/null +++ b/rest_api/apis-autoscaling/v1.HorizontalPodAutoscaler.adoc @@ -0,0 +1,1105 @@ += v1.HorizontalPodAutoscaler +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +configuration of a horizontal pod autoscaler. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  maxReplicas:
+
  minReplicas:
+
  scaleTargetRef:
+
    apiVersion:
+
    kind:
+
    name:
+
  targetCPUUtilizationPercentage:
+
status:
+
  currentCPUUtilizationPercentage:
+
  currentReplicas:
+
  desiredReplicas:
+
  lastScaleTime:
+
  observedGeneration:
+

+
+++++ + +== Operations + +[[Post-apis-autoscaling-v1-horizontalpodautoscalers]] +=== Create a HorizontalPodAutoscaler +Create a HorizontalPodAutoscaler + +==== HTTP request +---- +POST /apis/autoscaling/v1/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/horizontalpodautoscalers <<'EOF' +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HorizontalPodAutoscaler +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers]] +=== Create a HorizontalPodAutoscaler in a namespace +Create a HorizontalPodAutoscaler + +==== HTTP request +---- +POST /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers <<'EOF' +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HorizontalPodAutoscaler +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name]] +=== Get a HorizontalPodAutoscaler in a namespace +Read the specified HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-autoscaling-v1-horizontalpodautoscalers]] +=== Get all HorizontalPodAutoscalers +List or watch objects of kind HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/horizontalpodautoscalers +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscalerList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers]] +=== Get all HorizontalPodAutoscalers in a namespace +List or watch objects of kind HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscalerList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-autoscaling-v1-watch-namespaces-namespace-horizontalpodautoscalers-name]] +=== Watch a HorizontalPodAutoscaler in a namespace +Watch changes to an object of kind HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/watch/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/watch/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-autoscaling-v1-watch-horizontalpodautoscalers]] +=== Watch all HorizontalPodAutoscalers +Watch individual changes to a list of HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/watch/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/watch/horizontalpodautoscalers +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-autoscaling-v1-watch-namespaces-namespace-horizontalpodautoscalers]] +=== Watch all HorizontalPodAutoscalers in a namespace +Watch individual changes to a list of HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/watch/namespaces/$NAMESPACE/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/watch/namespaces/$NAMESPACE/horizontalpodautoscalers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name]] +=== Update a HorizontalPodAutoscaler in a namespace +Replace the specified HorizontalPodAutoscaler + +==== HTTP request +---- +PUT /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME <<'EOF' +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HorizontalPodAutoscaler +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name]] +=== Patch a HorizontalPodAutoscaler in a namespace +Partially update the specified HorizontalPodAutoscaler + +==== HTTP request +---- +PATCH /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name]] +=== Delete a HorizontalPodAutoscaler in a namespace +Delete a HorizontalPodAutoscaler + +==== HTTP request +---- +DELETE /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers]] +=== Delete all HorizontalPodAutoscalers in a namespace +Delete collection of HorizontalPodAutoscaler + +==== HTTP request +---- +DELETE /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name-status]] +=== Get status of a HorizontalPodAutoscaler in a namespace +Read status of the specified HorizontalPodAutoscaler + +==== HTTP request +---- +GET /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name-status]] +=== Update status of a HorizontalPodAutoscaler in a namespace +Replace status of the specified HorizontalPodAutoscaler + +==== HTTP request +---- +PUT /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status <<'EOF' +{ + "kind": "HorizontalPodAutoscaler", + "apiVersion": "autoscaling/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HorizontalPodAutoscaler +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-autoscaling-v1-namespaces-namespace-horizontalpodautoscalers-name-status]] +=== Patch status of a HorizontalPodAutoscaler in a namespace +Partially update status of the specified HorizontalPodAutoscaler + +==== HTTP request +---- +PATCH /apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/autoscaling/v1/namespaces/$NAMESPACE/horizontalpodautoscalers/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HorizontalPodAutoscaler +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HorizontalPodAutoscaler +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-batch/v1.Job.adoc b/rest_api/apis-batch/v1.Job.adoc new file mode 100644 index 000000000000..fc2ae577b219 --- /dev/null +++ b/rest_api/apis-batch/v1.Job.adoc @@ -0,0 +1,1777 @@ += v1.Job +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Job represents the configuration of a single job. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  activeDeadlineSeconds:
+
  completions:
+
  manualSelector:
+
  parallelism:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  active:
+
  completionTime:
+
  conditions:
+
  - lastProbeTime:
+
    lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  failed:
+
  startTime:
+
  succeeded:
+

+
+++++ + +== Operations + +[[Post-apis-batch-v1-jobs]] +=== Create a Job +Create a Job + +==== HTTP request +---- +POST /apis/batch/v1/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v1/jobs <<'EOF' +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Job +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-batch-v1-namespaces-namespace-jobs]] +=== Create a Job in a namespace +Create a Job + +==== HTTP request +---- +POST /apis/batch/v1/namespaces/$NAMESPACE/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs <<'EOF' +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Job +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v1-namespaces-namespace-jobs-name]] +=== Get a Job in a namespace +Read the specified Job + +==== HTTP request +---- +GET /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v1-jobs]] +=== Get all Jobs +List or watch objects of kind Job + +==== HTTP request +---- +GET /apis/batch/v1/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/jobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.JobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v1-namespaces-namespace-jobs]] +=== Get all Jobs in a namespace +List or watch objects of kind Job + +==== HTTP request +---- +GET /apis/batch/v1/namespaces/$NAMESPACE/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.JobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v1-watch-namespaces-namespace-jobs-name]] +=== Watch a Job in a namespace +Watch changes to an object of kind Job + +==== HTTP request +---- +GET /apis/batch/v1/watch/namespaces/$NAMESPACE/jobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/watch/namespaces/$NAMESPACE/jobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v1-watch-jobs]] +=== Watch all Jobs +Watch individual changes to a list of Job + +==== HTTP request +---- +GET /apis/batch/v1/watch/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/watch/jobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v1-watch-namespaces-namespace-jobs]] +=== Watch all Jobs in a namespace +Watch individual changes to a list of Job + +==== HTTP request +---- +GET /apis/batch/v1/watch/namespaces/$NAMESPACE/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/watch/namespaces/$NAMESPACE/jobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-batch-v1-namespaces-namespace-jobs-name]] +=== Update a Job in a namespace +Replace the specified Job + +==== HTTP request +---- +PUT /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME <<'EOF' +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Job +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v1-namespaces-namespace-jobs-name]] +=== Patch a Job in a namespace +Partially update the specified Job + +==== HTTP request +---- +PATCH /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v1-namespaces-namespace-jobs-name]] +=== Delete a Job in a namespace +Delete a Job + +==== HTTP request +---- +DELETE /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v1-namespaces-namespace-jobs]] +=== Delete all Jobs in a namespace +Delete collection of Job + +==== HTTP request +---- +DELETE /apis/batch/v1/namespaces/$NAMESPACE/jobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v1-namespaces-namespace-jobs-name-status]] +=== Get status of a Job in a namespace +Read status of the specified Job + +==== HTTP request +---- +GET /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-batch-v1-namespaces-namespace-jobs-name-status]] +=== Update status of a Job in a namespace +Replace status of the specified Job + +==== HTTP request +---- +PUT /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status <<'EOF' +{ + "kind": "Job", + "apiVersion": "batch/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Job +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v1-namespaces-namespace-jobs-name-status]] +=== Patch status of a Job in a namespace +Partially update status of the specified Job + +==== HTTP request +---- +PATCH /apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v1/namespaces/$NAMESPACE/jobs/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Job +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Job +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-batch/v2alpha1.CronJob.adoc b/rest_api/apis-batch/v2alpha1.CronJob.adoc new file mode 100644 index 000000000000..675283980afe --- /dev/null +++ b/rest_api/apis-batch/v2alpha1.CronJob.adoc @@ -0,0 +1,1850 @@ += v2alpha1.CronJob +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +CronJob represents the configuration of a single cron job. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  concurrencyPolicy:
+
  failedJobsHistoryLimit:
+
  jobTemplate:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      completions:
+
      manualSelector:
+
      parallelism:
+
      selector:
+
        matchExpressions:
+
        - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
      template:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        spec:
+
          activeDeadlineSeconds:
+
          affinity:
+
            nodeAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - preference:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
                nodeSelectorTerms:
+
                - matchExpressions:
+
                - - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
            podAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - podAffinityTerm:
+
              -   labelSelector:
+
              -     matchExpressions:
+
              -     - key:
+
                      operator:
+
                      values:
+
                      - [string]:
+
                    matchLabels:
+
                      [string]:
+
                  namespaces:
+
                  - [string]:
+
                  topologyKey:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
              - labelSelector:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
            podAntiAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - podAffinityTerm:
+
              -   labelSelector:
+
              -     matchExpressions:
+
              -     - key:
+
                      operator:
+
                      values:
+
                      - [string]:
+
                    matchLabels:
+
                      [string]:
+
                  namespaces:
+
                  - [string]:
+
                  topologyKey:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
              - labelSelector:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
          automountServiceAccountToken:
+
          containers:
+
          - args:
+
          - - [string]:
+
            command:
+
            - [string]:
+
            env:
+
            - name:
+
              value:
+
              valueFrom:
+
                configMapKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
                fieldRef:
+
                  apiVersion:
+
                  fieldPath:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
                secretKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
            envFrom:
+
            - configMapRef:
+
            -   name:
+
                optional:
+
              prefix:
+
              secretRef:
+
                name:
+
                optional:
+
            image:
+
            imagePullPolicy:
+
            lifecycle:
+
              postStart:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
              preStop:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
            livenessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            name:
+
            ports:
+
            - containerPort:
+
              hostIP:
+
              hostPort:
+
              name:
+
              protocol:
+
            readinessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            resources:
+
              limits:
+
                [string]:
+
              requests:
+
                [string]:
+
            securityContext:
+
              capabilities:
+
                add:
+
                - [string]:
+
                drop:
+
                - [string]:
+
              privileged:
+
              readOnlyRootFilesystem:
+
              runAsNonRoot:
+
              runAsUser:
+
              seLinuxOptions:
+
                level:
+
                role:
+
                type:
+
                user:
+
            stdin:
+
            stdinOnce:
+
            terminationMessagePath:
+
            terminationMessagePolicy:
+
            tty:
+
            volumeMounts:
+
            - mountPath:
+
              name:
+
              readOnly:
+
              subPath:
+
            workingDir:
+
          dnsPolicy:
+
          hostAliases:
+
          - hostnames:
+
          - - [string]:
+
            ip:
+
          hostIPC:
+
          hostNetwork:
+
          hostPID:
+
          hostname:
+
          imagePullSecrets:
+
          - name:
+
          initContainers:
+
          - args:
+
          - - [string]:
+
            command:
+
            - [string]:
+
            env:
+
            - name:
+
              value:
+
              valueFrom:
+
                configMapKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
                fieldRef:
+
                  apiVersion:
+
                  fieldPath:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
                secretKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
            envFrom:
+
            - configMapRef:
+
            -   name:
+
                optional:
+
              prefix:
+
              secretRef:
+
                name:
+
                optional:
+
            image:
+
            imagePullPolicy:
+
            lifecycle:
+
              postStart:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
              preStop:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
            livenessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            name:
+
            ports:
+
            - containerPort:
+
              hostIP:
+
              hostPort:
+
              name:
+
              protocol:
+
            readinessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            resources:
+
              limits:
+
                [string]:
+
              requests:
+
                [string]:
+
            securityContext:
+
              capabilities:
+
                add:
+
                - [string]:
+
                drop:
+
                - [string]:
+
              privileged:
+
              readOnlyRootFilesystem:
+
              runAsNonRoot:
+
              runAsUser:
+
              seLinuxOptions:
+
                level:
+
                role:
+
                type:
+
                user:
+
            stdin:
+
            stdinOnce:
+
            terminationMessagePath:
+
            terminationMessagePolicy:
+
            tty:
+
            volumeMounts:
+
            - mountPath:
+
              name:
+
              readOnly:
+
              subPath:
+
            workingDir:
+
          nodeName:
+
          nodeSelector:
+
            [string]:
+
          restartPolicy:
+
          schedulerName:
+
          securityContext:
+
            fsGroup:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
            supplementalGroups:
+
            - [integer]:
+
          serviceAccount:
+
          serviceAccountName:
+
          subdomain:
+
          terminationGracePeriodSeconds:
+
          tolerations:
+
          - effect:
+
            key:
+
            operator:
+
            tolerationSeconds:
+
            value:
+
          volumes:
+
          - awsElasticBlockStore:
+
          -   fsType:
+
              partition:
+
              readOnly:
+
              volumeID:
+
            azureDisk:
+
              cachingMode:
+
              diskName:
+
              diskURI:
+
              fsType:
+
              kind:
+
              readOnly:
+
            azureFile:
+
              readOnly:
+
              secretName:
+
              shareName:
+
            cephfs:
+
              monitors:
+
              - [string]:
+
              path:
+
              readOnly:
+
              secretFile:
+
              secretRef:
+
                name:
+
              user:
+
            cinder:
+
              fsType:
+
              readOnly:
+
              volumeID:
+
            configMap:
+
              defaultMode:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              defaultMode:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            emptyDir:
+
              medium:
+
              sizeLimit:
+
            fc:
+
              fsType:
+
              lun:
+
              readOnly:
+
              targetWWNs:
+
              - [string]:
+
            flexVolume:
+
              driver:
+
              fsType:
+
              options:
+
                [string]:
+
              readOnly:
+
              secretRef:
+
                name:
+
            flocker:
+
              datasetName:
+
              datasetUUID:
+
            gcePersistentDisk:
+
              fsType:
+
              partition:
+
              pdName:
+
              readOnly:
+
            gitRepo:
+
              directory:
+
              repository:
+
              revision:
+
            glusterfs:
+
              endpoints:
+
              path:
+
              readOnly:
+
            hostPath:
+
              path:
+
            iscsi:
+
              chapAuthDiscovery:
+
              chapAuthSession:
+
              fsType:
+
              iqn:
+
              iscsiInterface:
+
              lun:
+
              portals:
+
              - [string]:
+
              readOnly:
+
              secretRef:
+
                name:
+
              targetPortal:
+
            name:
+
            nfs:
+
              path:
+
              readOnly:
+
              server:
+
            persistentVolumeClaim:
+
              claimName:
+
              readOnly:
+
            photonPersistentDisk:
+
              fsType:
+
              pdID:
+
            portworxVolume:
+
              fsType:
+
              readOnly:
+
              volumeID:
+
            projected:
+
              defaultMode:
+
              sources:
+
              - configMap:
+
              -   items:
+
              -   - key:
+
                    mode:
+
                    path:
+
                  name:
+
                  optional:
+
                downwardAPI:
+
                  items:
+
                  - fieldRef:
+
                  -   apiVersion:
+
                      fieldPath:
+
                    mode:
+
                    path:
+
                    resourceFieldRef:
+
                      containerName:
+
                      divisor:
+
                      resource:
+
                secret:
+
                  items:
+
                  - key:
+
                    mode:
+
                    path:
+
                  name:
+
                  optional:
+
            quobyte:
+
              group:
+
              readOnly:
+
              registry:
+
              user:
+
              volume:
+
            rbd:
+
              fsType:
+
              image:
+
              keyring:
+
              monitors:
+
              - [string]:
+
              pool:
+
              readOnly:
+
              secretRef:
+
                name:
+
              user:
+
            scaleIO:
+
              fsType:
+
              gateway:
+
              protectionDomain:
+
              readOnly:
+
              secretRef:
+
                name:
+
              sslEnabled:
+
              storageMode:
+
              storagePool:
+
              system:
+
              volumeName:
+
            secret:
+
              defaultMode:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              optional:
+
              secretName:
+
            storageos:
+
              fsType:
+
              readOnly:
+
              secretRef:
+
                name:
+
              volumeName:
+
              volumeNamespace:
+
            vsphereVolume:
+
              fsType:
+
              storagePolicyID:
+
              storagePolicyName:
+
              volumePath:
+
  schedule:
+
  startingDeadlineSeconds:
+
  successfulJobsHistoryLimit:
+
  suspend:
+
status:
+
  active:
+
  - apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  lastScheduleTime:
+

+
+++++ + +== Operations + +[[Post-apis-batch-v2alpha1-cronjobs]] +=== Create a CronJob +Create a CronJob + +==== HTTP request +---- +POST /apis/batch/v2alpha1/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/cronjobs <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-batch-v2alpha1-namespaces-namespace-cronjobs]] +=== Create a CronJob in a namespace +Create a CronJob + +==== HTTP request +---- +POST /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name]] +=== Get a CronJob in a namespace +Read the specified CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-cronjobs]] +=== Get all CronJobs +List or watch objects of kind CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/cronjobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-cronjobs]] +=== Get all CronJobs in a namespace +List or watch objects of kind CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-namespaces-namespace-cronjobs-name]] +=== Watch a CronJob in a namespace +Watch changes to an object of kind CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/cronjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/cronjobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-cronjobs]] +=== Watch all CronJobs +Watch individual changes to a list of CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/cronjobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-namespaces-namespace-cronjobs]] +=== Watch all CronJobs in a namespace +Watch individual changes to a list of CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/cronjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name]] +=== Update a CronJob in a namespace +Replace the specified CronJob + +==== HTTP request +---- +PUT /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name]] +=== Patch a CronJob in a namespace +Partially update the specified CronJob + +==== HTTP request +---- +PATCH /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name]] +=== Delete a CronJob in a namespace +Delete a CronJob + +==== HTTP request +---- +DELETE /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v2alpha1-namespaces-namespace-cronjobs]] +=== Delete all CronJobs in a namespace +Delete collection of CronJob + +==== HTTP request +---- +DELETE /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name-status]] +=== Get status of a CronJob in a namespace +Read status of the specified CronJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name-status]] +=== Update status of a CronJob in a namespace +Replace status of the specified CronJob + +==== HTTP request +---- +PUT /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v2alpha1-namespaces-namespace-cronjobs-name-status]] +=== Patch status of a CronJob in a namespace +Partially update status of the specified CronJob + +==== HTTP request +---- +PATCH /apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/cronjobs/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CronJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-batch/v2alpha1.ScheduledJob.adoc b/rest_api/apis-batch/v2alpha1.ScheduledJob.adoc new file mode 100644 index 000000000000..cdfbf8e08607 --- /dev/null +++ b/rest_api/apis-batch/v2alpha1.ScheduledJob.adoc @@ -0,0 +1,1850 @@ += v2alpha1.ScheduledJob +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +CronJob represents the configuration of a single cron job. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  concurrencyPolicy:
+
  failedJobsHistoryLimit:
+
  jobTemplate:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      completions:
+
      manualSelector:
+
      parallelism:
+
      selector:
+
        matchExpressions:
+
        - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
      template:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        spec:
+
          activeDeadlineSeconds:
+
          affinity:
+
            nodeAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - preference:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
                nodeSelectorTerms:
+
                - matchExpressions:
+
                - - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
            podAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - podAffinityTerm:
+
              -   labelSelector:
+
              -     matchExpressions:
+
              -     - key:
+
                      operator:
+
                      values:
+
                      - [string]:
+
                    matchLabels:
+
                      [string]:
+
                  namespaces:
+
                  - [string]:
+
                  topologyKey:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
              - labelSelector:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
            podAntiAffinity:
+
              preferredDuringSchedulingIgnoredDuringExecution:
+
              - podAffinityTerm:
+
              -   labelSelector:
+
              -     matchExpressions:
+
              -     - key:
+
                      operator:
+
                      values:
+
                      - [string]:
+
                    matchLabels:
+
                      [string]:
+
                  namespaces:
+
                  - [string]:
+
                  topologyKey:
+
                weight:
+
              requiredDuringSchedulingIgnoredDuringExecution:
+
              - labelSelector:
+
              -   matchExpressions:
+
              -   - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
          automountServiceAccountToken:
+
          containers:
+
          - args:
+
          - - [string]:
+
            command:
+
            - [string]:
+
            env:
+
            - name:
+
              value:
+
              valueFrom:
+
                configMapKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
                fieldRef:
+
                  apiVersion:
+
                  fieldPath:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
                secretKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
            envFrom:
+
            - configMapRef:
+
            -   name:
+
                optional:
+
              prefix:
+
              secretRef:
+
                name:
+
                optional:
+
            image:
+
            imagePullPolicy:
+
            lifecycle:
+
              postStart:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
              preStop:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
            livenessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            name:
+
            ports:
+
            - containerPort:
+
              hostIP:
+
              hostPort:
+
              name:
+
              protocol:
+
            readinessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            resources:
+
              limits:
+
                [string]:
+
              requests:
+
                [string]:
+
            securityContext:
+
              capabilities:
+
                add:
+
                - [string]:
+
                drop:
+
                - [string]:
+
              privileged:
+
              readOnlyRootFilesystem:
+
              runAsNonRoot:
+
              runAsUser:
+
              seLinuxOptions:
+
                level:
+
                role:
+
                type:
+
                user:
+
            stdin:
+
            stdinOnce:
+
            terminationMessagePath:
+
            terminationMessagePolicy:
+
            tty:
+
            volumeMounts:
+
            - mountPath:
+
              name:
+
              readOnly:
+
              subPath:
+
            workingDir:
+
          dnsPolicy:
+
          hostAliases:
+
          - hostnames:
+
          - - [string]:
+
            ip:
+
          hostIPC:
+
          hostNetwork:
+
          hostPID:
+
          hostname:
+
          imagePullSecrets:
+
          - name:
+
          initContainers:
+
          - args:
+
          - - [string]:
+
            command:
+
            - [string]:
+
            env:
+
            - name:
+
              value:
+
              valueFrom:
+
                configMapKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
                fieldRef:
+
                  apiVersion:
+
                  fieldPath:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
                secretKeyRef:
+
                  key:
+
                  name:
+
                  optional:
+
            envFrom:
+
            - configMapRef:
+
            -   name:
+
                optional:
+
              prefix:
+
              secretRef:
+
                name:
+
                optional:
+
            image:
+
            imagePullPolicy:
+
            lifecycle:
+
              postStart:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
              preStop:
+
                exec:
+
                  command:
+
                  - [string]:
+
                httpGet:
+
                  host:
+
                  httpHeaders:
+
                  - name:
+
                    value:
+
                  path:
+
                  port:
+
                  scheme:
+
                tcpSocket:
+
                  host:
+
                  port:
+
            livenessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            name:
+
            ports:
+
            - containerPort:
+
              hostIP:
+
              hostPort:
+
              name:
+
              protocol:
+
            readinessProbe:
+
              exec:
+
                command:
+
                - [string]:
+
              failureThreshold:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              initialDelaySeconds:
+
              periodSeconds:
+
              successThreshold:
+
              tcpSocket:
+
                host:
+
                port:
+
              timeoutSeconds:
+
            resources:
+
              limits:
+
                [string]:
+
              requests:
+
                [string]:
+
            securityContext:
+
              capabilities:
+
                add:
+
                - [string]:
+
                drop:
+
                - [string]:
+
              privileged:
+
              readOnlyRootFilesystem:
+
              runAsNonRoot:
+
              runAsUser:
+
              seLinuxOptions:
+
                level:
+
                role:
+
                type:
+
                user:
+
            stdin:
+
            stdinOnce:
+
            terminationMessagePath:
+
            terminationMessagePolicy:
+
            tty:
+
            volumeMounts:
+
            - mountPath:
+
              name:
+
              readOnly:
+
              subPath:
+
            workingDir:
+
          nodeName:
+
          nodeSelector:
+
            [string]:
+
          restartPolicy:
+
          schedulerName:
+
          securityContext:
+
            fsGroup:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
            supplementalGroups:
+
            - [integer]:
+
          serviceAccount:
+
          serviceAccountName:
+
          subdomain:
+
          terminationGracePeriodSeconds:
+
          tolerations:
+
          - effect:
+
            key:
+
            operator:
+
            tolerationSeconds:
+
            value:
+
          volumes:
+
          - awsElasticBlockStore:
+
          -   fsType:
+
              partition:
+
              readOnly:
+
              volumeID:
+
            azureDisk:
+
              cachingMode:
+
              diskName:
+
              diskURI:
+
              fsType:
+
              kind:
+
              readOnly:
+
            azureFile:
+
              readOnly:
+
              secretName:
+
              shareName:
+
            cephfs:
+
              monitors:
+
              - [string]:
+
              path:
+
              readOnly:
+
              secretFile:
+
              secretRef:
+
                name:
+
              user:
+
            cinder:
+
              fsType:
+
              readOnly:
+
              volumeID:
+
            configMap:
+
              defaultMode:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              defaultMode:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            emptyDir:
+
              medium:
+
              sizeLimit:
+
            fc:
+
              fsType:
+
              lun:
+
              readOnly:
+
              targetWWNs:
+
              - [string]:
+
            flexVolume:
+
              driver:
+
              fsType:
+
              options:
+
                [string]:
+
              readOnly:
+
              secretRef:
+
                name:
+
            flocker:
+
              datasetName:
+
              datasetUUID:
+
            gcePersistentDisk:
+
              fsType:
+
              partition:
+
              pdName:
+
              readOnly:
+
            gitRepo:
+
              directory:
+
              repository:
+
              revision:
+
            glusterfs:
+
              endpoints:
+
              path:
+
              readOnly:
+
            hostPath:
+
              path:
+
            iscsi:
+
              chapAuthDiscovery:
+
              chapAuthSession:
+
              fsType:
+
              iqn:
+
              iscsiInterface:
+
              lun:
+
              portals:
+
              - [string]:
+
              readOnly:
+
              secretRef:
+
                name:
+
              targetPortal:
+
            name:
+
            nfs:
+
              path:
+
              readOnly:
+
              server:
+
            persistentVolumeClaim:
+
              claimName:
+
              readOnly:
+
            photonPersistentDisk:
+
              fsType:
+
              pdID:
+
            portworxVolume:
+
              fsType:
+
              readOnly:
+
              volumeID:
+
            projected:
+
              defaultMode:
+
              sources:
+
              - configMap:
+
              -   items:
+
              -   - key:
+
                    mode:
+
                    path:
+
                  name:
+
                  optional:
+
                downwardAPI:
+
                  items:
+
                  - fieldRef:
+
                  -   apiVersion:
+
                      fieldPath:
+
                    mode:
+
                    path:
+
                    resourceFieldRef:
+
                      containerName:
+
                      divisor:
+
                      resource:
+
                secret:
+
                  items:
+
                  - key:
+
                    mode:
+
                    path:
+
                  name:
+
                  optional:
+
            quobyte:
+
              group:
+
              readOnly:
+
              registry:
+
              user:
+
              volume:
+
            rbd:
+
              fsType:
+
              image:
+
              keyring:
+
              monitors:
+
              - [string]:
+
              pool:
+
              readOnly:
+
              secretRef:
+
                name:
+
              user:
+
            scaleIO:
+
              fsType:
+
              gateway:
+
              protectionDomain:
+
              readOnly:
+
              secretRef:
+
                name:
+
              sslEnabled:
+
              storageMode:
+
              storagePool:
+
              system:
+
              volumeName:
+
            secret:
+
              defaultMode:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              optional:
+
              secretName:
+
            storageos:
+
              fsType:
+
              readOnly:
+
              secretRef:
+
                name:
+
              volumeName:
+
              volumeNamespace:
+
            vsphereVolume:
+
              fsType:
+
              storagePolicyID:
+
              storagePolicyName:
+
              volumePath:
+
  schedule:
+
  startingDeadlineSeconds:
+
  successfulJobsHistoryLimit:
+
  suspend:
+
status:
+
  active:
+
  - apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  lastScheduleTime:
+

+
+++++ + +== Operations + +[[Post-apis-batch-v2alpha1-scheduledjobs]] +=== Create a ScheduledJob +Create a ScheduledJob + +==== HTTP request +---- +POST /apis/batch/v2alpha1/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/scheduledjobs <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs]] +=== Create a ScheduledJob in a namespace +Create a ScheduledJob + +==== HTTP request +---- +POST /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name]] +=== Get a ScheduledJob in a namespace +Read the specified ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-scheduledjobs]] +=== Get all ScheduledJobs +List or watch objects of kind ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/scheduledjobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs]] +=== Get all ScheduledJobs in a namespace +List or watch objects of kind ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJobList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-namespaces-namespace-scheduledjobs-name]] +=== Watch a ScheduledJob in a namespace +Watch changes to an object of kind ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/scheduledjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/scheduledjobs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-scheduledjobs]] +=== Watch all ScheduledJobs +Watch individual changes to a list of ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/scheduledjobs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-batch-v2alpha1-watch-namespaces-namespace-scheduledjobs]] +=== Watch all ScheduledJobs in a namespace +Watch individual changes to a list of ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/watch/namespaces/$NAMESPACE/scheduledjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name]] +=== Update a ScheduledJob in a namespace +Replace the specified ScheduledJob + +==== HTTP request +---- +PUT /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name]] +=== Patch a ScheduledJob in a namespace +Partially update the specified ScheduledJob + +==== HTTP request +---- +PATCH /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name]] +=== Delete a ScheduledJob in a namespace +Delete a ScheduledJob + +==== HTTP request +---- +DELETE /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs]] +=== Delete all ScheduledJobs in a namespace +Delete collection of ScheduledJob + +==== HTTP request +---- +DELETE /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name-status]] +=== Get status of a ScheduledJob in a namespace +Read status of the specified ScheduledJob + +==== HTTP request +---- +GET /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name-status]] +=== Update status of a ScheduledJob in a namespace +Replace status of the specified ScheduledJob + +==== HTTP request +---- +PUT /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status <<'EOF' +{ + "kind": "CronJob", + "apiVersion": "batch/v2alpha1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v2alpha1.CronJob +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-batch-v2alpha1-namespaces-namespace-scheduledjobs-name-status]] +=== Patch status of a ScheduledJob in a namespace +Partially update status of the specified ScheduledJob + +==== HTTP request +---- +PATCH /apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/batch/v2alpha1/namespaces/$NAMESPACE/scheduledjobs/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ScheduledJob +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v2alpha1.CronJob +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-build.openshift.io/v1.Build.adoc b/rest_api/apis-build.openshift.io/v1.Build.adoc new file mode 100644 index 000000000000..0ca7382b8134 --- /dev/null +++ b/rest_api/apis-build.openshift.io/v1.Build.adoc @@ -0,0 +1,1428 @@ += v1.Build +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Build encapsulates the inputs needed to produce a new deployable image, as well as the status of the execution and a reference to the Pod which executed the build. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  completionDeadlineSeconds:
+
  nodeSelector:
+
    [string]:
+
  output:
+
    imageLabels:
+
    - name:
+
      value:
+
    pushSecret:
+
      name:
+
    to:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  postCommit:
+
    args:
+
    - [string]:
+
    command:
+
    - [string]:
+
    script:
+
  resources:
+
    limits:
+
      [string]:
+
    requests:
+
      [string]:
+
  revision:
+
    git:
+
      author:
+
        email:
+
        name:
+
      commit:
+
      committer:
+
        email:
+
        name:
+
      message:
+
    type:
+
  serviceAccount:
+
  source:
+
    binary:
+
      asFile:
+
    contextDir:
+
    dockerfile:
+
    git:
+
      httpProxy:
+
      httpsProxy:
+
      noProxy:
+
      ref:
+
      uri:
+
    images:
+
    - from:
+
    -   apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      paths:
+
      - destinationDir:
+
        sourcePath:
+
      pullSecret:
+
        name:
+
    secrets:
+
    - destinationDir:
+
      secret:
+
        name:
+
    sourceSecret:
+
      name:
+
    type:
+
  strategy:
+
    customStrategy:
+
      buildAPIVersion:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      exposeDockerSocket:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      pullSecret:
+
        name:
+
      secrets:
+
      - mountPath:
+
        secretSource:
+
          name:
+
    dockerStrategy:
+
      buildArgs:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      dockerfilePath:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageOptimizationPolicy:
+
      noCache:
+
      pullSecret:
+
        name:
+
    jenkinsPipelineStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      jenkinsfile:
+
      jenkinsfilePath:
+
    sourceStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      incremental:
+
      pullSecret:
+
        name:
+
      runtimeArtifacts:
+
      - destinationDir:
+
        sourcePath:
+
      runtimeImage:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      scripts:
+
    type:
+
  triggeredBy:
+
  - bitbucketWebHook:
+
  -   revision:
+
  -     git:
+
  -       author:
+
  -         email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    genericWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    githubWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    gitlabWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    imageChangeBuild:
+
      fromRef:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageID:
+
    message:
+
status:
+
  cancelled:
+
  completionTimestamp:
+
  config:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  duration:
+
  logSnippet:
+
  message:
+
  output:
+
    to:
+
      imageDigest:
+
  outputDockerImageReference:
+
  phase:
+
  reason:
+
  stages:
+
  - durationMilliseconds:
+
    name:
+
    startTime:
+
    steps:
+
    - durationMilliseconds:
+
      name:
+
      startTime:
+
  startTimestamp:
+

+
+++++ + +== Operations + +[[Post-apis-build.openshift.io-v1-builds]] +=== Create a Build +Create a Build + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/builds <<'EOF' +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-builds]] +=== Create a Build in a namespace +Create a Build + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds <<'EOF' +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1-namespaces-namespace-builds-name]] +=== Get a Build in a namespace +Read the specified Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1-builds]] +=== Get all Builds +List or watch objects of kind Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/builds +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-namespaces-namespace-builds]] +=== Get all Builds in a namespace +List or watch objects of kind Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-namespaces-namespace-builds-name]] +=== Watch a Build in a namespace +Watch changes to an object of kind Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/builds/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-builds]] +=== Watch all Builds +Watch individual changes to a list of Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/builds +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-namespaces-namespace-builds]] +=== Watch all Builds in a namespace +Watch individual changes to a list of Build + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-build.openshift.io-v1-namespaces-namespace-builds-name]] +=== Update a Build in a namespace +Replace the specified Build + +==== HTTP request +---- +PUT /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-build.openshift.io-v1-namespaces-namespace-builds-name]] +=== Patch a Build in a namespace +Partially update the specified Build + +==== HTTP request +---- +PATCH /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-build.openshift.io-v1-namespaces-namespace-builds-name]] +=== Delete a Build in a namespace +Delete a Build + +==== HTTP request +---- +DELETE /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-build.openshift.io-v1-namespaces-namespace-builds]] +=== Delete all Builds in a namespace +Delete collection of Build + +==== HTTP request +---- +DELETE /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-builds-name-clone]] +=== Create clone of a Build in a namespace +Create clone of a BuildRequest + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/clone HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildRequest", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/clone <<'EOF' +{ + "kind": "BuildRequest", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-build.openshift.io-v1-namespaces-namespace-builds-name-details]] +=== Update details of a Build in a namespace +Replace details of the specified Build + +==== HTTP request +---- +PUT /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/details HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/details <<'EOF' +{ + "kind": "Build", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1-namespaces-namespace-builds-name-log]] +=== Get log of a Build in a namespace +Read log of the specified BuildLog + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/log HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/builds/$NAME/log +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildLog +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|cointainer for which to stream logs. Defaults to only container if there is one container in the pod. +|follow|follow if true indicates that the build log should be streamed until the build terminates. +|limitBytes|limitBytes, If set, is the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit. +|nowait|noWait if true causes the call to return immediately even if the build is not available yet. Otherwise the server will wait until the build has started. +|pretty|If 'true', then the output is pretty printed. +|previous|previous returns previous build logs. Defaults to false. +|sinceSeconds|sinceSeconds is a relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified. +|tailLines|tailLines, If set, is the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime +|timestamps|timestamps, If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false. +|version|version of the build for which to view logs. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildLog +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-build.openshift.io/v1.BuildConfig.adoc b/rest_api/apis-build.openshift.io/v1.BuildConfig.adoc new file mode 100644 index 000000000000..7d7dbc4bd9ca --- /dev/null +++ b/rest_api/apis-build.openshift.io/v1.BuildConfig.adoc @@ -0,0 +1,1389 @@ += v1.BuildConfig +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Build configurations define a build process for new Docker images. There are three types of builds possible - a Docker build using a Dockerfile, a Source-to-Image build that uses a specially prepared base image that accepts source code that it can make runnable, and a custom build that can run // arbitrary Docker images as a base and accept the build parameters. Builds run on the cluster and on completion are pushed to the Docker registry specified in the "output" section. A build can be triggered via a webhook, when the base image changes, or when a user manually requests a new build be // created. + +Each build created by a build configuration is numbered and refers back to its parent configuration. Multiple builds can be triggered at once. Builds that do not have "output" set can be used to test code or run a verification build. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  completionDeadlineSeconds:
+
  failedBuildsHistoryLimit:
+
  nodeSelector:
+
    [string]:
+
  output:
+
    imageLabels:
+
    - name:
+
      value:
+
    pushSecret:
+
      name:
+
    to:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  postCommit:
+
    args:
+
    - [string]:
+
    command:
+
    - [string]:
+
    script:
+
  resources:
+
    limits:
+
      [string]:
+
    requests:
+
      [string]:
+
  revision:
+
    git:
+
      author:
+
        email:
+
        name:
+
      commit:
+
      committer:
+
        email:
+
        name:
+
      message:
+
    type:
+
  runPolicy:
+
  serviceAccount:
+
  source:
+
    binary:
+
      asFile:
+
    contextDir:
+
    dockerfile:
+
    git:
+
      httpProxy:
+
      httpsProxy:
+
      noProxy:
+
      ref:
+
      uri:
+
    images:
+
    - from:
+
    -   apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      paths:
+
      - destinationDir:
+
        sourcePath:
+
      pullSecret:
+
        name:
+
    secrets:
+
    - destinationDir:
+
      secret:
+
        name:
+
    sourceSecret:
+
      name:
+
    type:
+
  strategy:
+
    customStrategy:
+
      buildAPIVersion:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      exposeDockerSocket:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      pullSecret:
+
        name:
+
      secrets:
+
      - mountPath:
+
        secretSource:
+
          name:
+
    dockerStrategy:
+
      buildArgs:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      dockerfilePath:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageOptimizationPolicy:
+
      noCache:
+
      pullSecret:
+
        name:
+
    jenkinsPipelineStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      jenkinsfile:
+
      jenkinsfilePath:
+
    sourceStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      incremental:
+
      pullSecret:
+
        name:
+
      runtimeArtifacts:
+
      - destinationDir:
+
        sourcePath:
+
      runtimeImage:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      scripts:
+
    type:
+
  successfulBuildsHistoryLimit:
+
  triggers:
+
  - bitbucket:
+
  -   allowEnv:
+
      secret:
+
    generic:
+
      allowEnv:
+
      secret:
+
    github:
+
      allowEnv:
+
      secret:
+
    gitlab:
+
      allowEnv:
+
      secret:
+
    imageChange:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      lastTriggeredImageID:
+
    type:
+
status:
+
  lastVersion:
+

+
+++++ + +== Operations + +[[Post-apis-build.openshift.io-v1-buildconfigs]] +=== Create a BuildConfig +Create a BuildConfig + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/buildconfigs <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs]] +=== Create a BuildConfig in a namespace +Create a BuildConfig + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name]] +=== Get a BuildConfig in a namespace +Read the specified BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io-v1-buildconfigs]] +=== Get all BuildConfigs +List or watch objects of kind BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/buildconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs]] +=== Get all BuildConfigs in a namespace +List or watch objects of kind BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-namespaces-namespace-buildconfigs-name]] +=== Watch a BuildConfig in a namespace +Watch changes to an object of kind BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/buildconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-buildconfigs]] +=== Watch all BuildConfigs +Watch individual changes to a list of BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/buildconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-build.openshift.io-v1-watch-namespaces-namespace-buildconfigs]] +=== Watch all BuildConfigs in a namespace +Watch individual changes to a list of BuildConfig + +==== HTTP request +---- +GET /apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/watch/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name]] +=== Update a BuildConfig in a namespace +Replace the specified BuildConfig + +==== HTTP request +---- +PUT /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name]] +=== Patch a BuildConfig in a namespace +Partially update the specified BuildConfig + +==== HTTP request +---- +PATCH /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name]] +=== Delete a BuildConfig in a namespace +Delete a BuildConfig + +==== HTTP request +---- +DELETE /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs]] +=== Delete all BuildConfigs in a namespace +Delete collection of BuildConfig + +==== HTTP request +---- +DELETE /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name-instantiate]] +=== Create instantiate of a BuildConfig in a namespace +Create instantiate of a BuildRequest + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiate HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildRequest", + "apiVersion": "build.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiate <<'EOF' +{ + "kind": "BuildRequest", + "apiVersion": "build.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name-instantiatebinary]] +=== Create instantiatebinary of a BuildConfig in a namespace +Connect POST requests to instantiatebinary of BinaryBuildRequestOptions + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiatebinary HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiatebinary +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BinaryBuildRequestOptions +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|asFile|asFile determines if the binary should be created as a file within the source rather than extracted as an archive +|revision.authorEmail|revision.authorEmail of the source control user +|revision.authorName|revision.authorName of the source control user +|revision.commit|revision.commit is the value identifying a specific commit +|revision.committerEmail|revision.committerEmail of the source control user +|revision.committerName|revision.committerName of the source control user +|revision.message|revision.message is the description of a specific commit +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name-webhooks]] +=== Create webhooks of a BuildConfig in a namespace +Connect POST requests to webhooks of Build + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-apis-build.openshift.io-v1-namespaces-namespace-buildconfigs-name-webhooks-path]] +=== Create webhooks/{path} of a BuildConfig in a namespace +Connect POST requests to webhooks of Build + +==== HTTP request +---- +POST /apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + + diff --git a/rest_api/apis-certificates.k8s.io/v1beta1.CertificateSigningRequest.adoc b/rest_api/apis-certificates.k8s.io/v1beta1.CertificateSigningRequest.adoc new file mode 100644 index 000000000000..54ac628fc73c --- /dev/null +++ b/rest_api/apis-certificates.k8s.io/v1beta1.CertificateSigningRequest.adoc @@ -0,0 +1,844 @@ += v1beta1.CertificateSigningRequest +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Describes a certificate signing request + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  extra:
+
    [string]:
+
  groups:
+
  - [string]:
+
  request:
+
  uid:
+
  usages:
+
  - [string]:
+
  username:
+
status:
+
  certificate:
+
  conditions:
+
  - lastUpdateTime:
+
    message:
+
    reason:
+
    type:
+

+
+++++ + +== Operations + +[[Post-apis-certificates.k8s.io-v1beta1-certificatesigningrequests]] +=== Create a CertificateSigningRequest +Create a CertificateSigningRequest + +==== HTTP request +---- +POST /apis/certificates.k8s.io/v1beta1/certificatesigningrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests <<'EOF' +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name]] +=== Get a CertificateSigningRequest +Read the specified CertificateSigningRequest + +==== HTTP request +---- +GET /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-certificates.k8s.io-v1beta1-certificatesigningrequests]] +=== Get all CertificateSigningRequests +List or watch objects of kind CertificateSigningRequest + +==== HTTP request +---- +GET /apis/certificates.k8s.io/v1beta1/certificatesigningrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequestList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-certificates.k8s.io-v1beta1-watch-certificatesigningrequests-name]] +=== Watch a CertificateSigningRequest +Watch changes to an object of kind CertificateSigningRequest + +==== HTTP request +---- +GET /apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-certificates.k8s.io-v1beta1-watch-certificatesigningrequests]] +=== Watch all CertificateSigningRequests +Watch individual changes to a list of CertificateSigningRequest + +==== HTTP request +---- +GET /apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name]] +=== Update a CertificateSigningRequest +Replace the specified CertificateSigningRequest + +==== HTTP request +---- +PUT /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME <<'EOF' +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.CertificateSigningRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name]] +=== Patch a CertificateSigningRequest +Partially update the specified CertificateSigningRequest + +==== HTTP request +---- +PATCH /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name]] +=== Delete a CertificateSigningRequest +Delete a CertificateSigningRequest + +==== HTTP request +---- +DELETE /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-certificates.k8s.io-v1beta1-certificatesigningrequests]] +=== Delete all CertificateSigningRequests +Delete collection of CertificateSigningRequest + +==== HTTP request +---- +DELETE /apis/certificates.k8s.io/v1beta1/certificatesigningrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name-approval]] +=== Update approval of a CertificateSigningRequest +Replace approval of the specified CertificateSigningRequest + +==== HTTP request +---- +PUT /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME/approval HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME/approval <<'EOF' +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.CertificateSigningRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-certificates.k8s.io-v1beta1-certificatesigningrequests-name-status]] +=== Update status of a CertificateSigningRequest +Replace status of the specified CertificateSigningRequest + +==== HTTP request +---- +PUT /apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/$NAME/status <<'EOF' +{ + "kind": "CertificateSigningRequest", + "apiVersion": "certificates.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.CertificateSigningRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the CertificateSigningRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.CertificateSigningRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.DaemonSet.adoc b/rest_api/apis-extensions/v1beta1.DaemonSet.adoc new file mode 100644 index 000000000000..a86fbea44bd2 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.DaemonSet.adoc @@ -0,0 +1,1777 @@ += v1beta1.DaemonSet +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +DaemonSet represents the configuration of a daemon set. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  revisionHistoryLimit:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  templateGeneration:
+
  updateStrategy:
+
    rollingUpdate:
+
      maxUnavailable:
+
    type:
+
status:
+
  collisionCount:
+
  currentNumberScheduled:
+
  desiredNumberScheduled:
+
  numberAvailable:
+
  numberMisscheduled:
+
  numberReady:
+
  numberUnavailable:
+
  observedGeneration:
+
  updatedNumberScheduled:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-daemonsets]] +=== Create a DaemonSet +Create a DaemonSet + +==== HTTP request +---- +POST /apis/extensions/v1beta1/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/daemonsets <<'EOF' +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DaemonSet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-daemonsets]] +=== Create a DaemonSet in a namespace +Create a DaemonSet + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets <<'EOF' +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DaemonSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name]] +=== Get a DaemonSet in a namespace +Read the specified DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-daemonsets]] +=== Get all DaemonSets +List or watch objects of kind DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/daemonsets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-daemonsets]] +=== Get all DaemonSets in a namespace +List or watch objects of kind DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-daemonsets-name]] +=== Watch a DaemonSet in a namespace +Watch changes to an object of kind DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/daemonsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/daemonsets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-daemonsets]] +=== Watch all DaemonSets +Watch individual changes to a list of DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/daemonsets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-daemonsets]] +=== Watch all DaemonSets in a namespace +Watch individual changes to a list of DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/daemonsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name]] +=== Update a DaemonSet in a namespace +Replace the specified DaemonSet + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME <<'EOF' +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DaemonSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name]] +=== Patch a DaemonSet in a namespace +Partially update the specified DaemonSet + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name]] +=== Delete a DaemonSet in a namespace +Delete a DaemonSet + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-daemonsets]] +=== Delete all DaemonSets in a namespace +Delete collection of DaemonSet + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name-status]] +=== Get status of a DaemonSet in a namespace +Read status of the specified DaemonSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name-status]] +=== Update status of a DaemonSet in a namespace +Replace status of the specified DaemonSet + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status <<'EOF' +{ + "kind": "DaemonSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DaemonSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-daemonsets-name-status]] +=== Patch status of a DaemonSet in a namespace +Partially update status of the specified DaemonSet + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/daemonsets/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DaemonSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DaemonSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.Deployment.adoc b/rest_api/apis-extensions/v1beta1.Deployment.adoc new file mode 100644 index 000000000000..aef68ea356f0 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.Deployment.adoc @@ -0,0 +1,2073 @@ += v1beta1.Deployment +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Deployment enables declarative updates for Pods and ReplicaSets. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  paused:
+
  progressDeadlineSeconds:
+
  replicas:
+
  revisionHistoryLimit:
+
  rollbackTo:
+
    revision:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  strategy:
+
    rollingUpdate:
+
      maxSurge:
+
      maxUnavailable:
+
    type:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  availableReplicas:
+
  collisionCount:
+
  conditions:
+
  - lastTransitionTime:
+
    lastUpdateTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+
  unavailableReplicas:
+
  updatedReplicas:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-deployments]] +=== Create a Deployment +Create a Deployment + +==== HTTP request +---- +POST /apis/extensions/v1beta1/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/deployments <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-deployments]] +=== Create a Deployment in a namespace +Create a Deployment + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-deployments-name]] +=== Get a Deployment in a namespace +Read the specified Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-deployments]] +=== Get all Deployments +List or watch objects of kind Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/deployments +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-deployments]] +=== Get all Deployments in a namespace +List or watch objects of kind Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-deployments-name]] +=== Watch a Deployment in a namespace +Watch changes to an object of kind Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/deployments/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-deployments]] +=== Watch all Deployments +Watch individual changes to a list of Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/deployments +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-deployments]] +=== Watch all Deployments in a namespace +Watch individual changes to a list of Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-deployments-name]] +=== Update a Deployment in a namespace +Replace the specified Deployment + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-deployments-name]] +=== Patch a Deployment in a namespace +Partially update the specified Deployment + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-deployments-name]] +=== Delete a Deployment in a namespace +Delete a Deployment + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-deployments]] +=== Delete all Deployments in a namespace +Delete collection of Deployment + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-deployments-name-rollback]] +=== Create rollback of a Deployment in a namespace +Create rollback of a DeploymentRollback + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/rollback HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentRollback", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/rollback <<'EOF' +{ + "kind": "DeploymentRollback", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.DeploymentRollback +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentRollback +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.DeploymentRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Get scale of a Deployment in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Update scale of a Deployment in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-deployments-name-scale]] +=== Patch scale of a Deployment in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-deployments-name-status]] +=== Get status of a Deployment in a namespace +Read status of the specified Deployment + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-deployments-name-status]] +=== Update status of a Deployment in a namespace +Replace status of the specified Deployment + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status <<'EOF' +{ + "kind": "Deployment", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Deployment +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-deployments-name-status]] +=== Patch status of a Deployment in a namespace +Partially update status of the specified Deployment + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/deployments/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Deployment +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Deployment +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.Ingress.adoc b/rest_api/apis-extensions/v1beta1.Ingress.adoc new file mode 100644 index 000000000000..e95cf3e6ec48 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.Ingress.adoc @@ -0,0 +1,1117 @@ += v1beta1.Ingress +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  backend:
+
    serviceName:
+
    servicePort:
+
  rules:
+
  - host:
+
    http:
+
      paths:
+
      - backend:
+
      -   serviceName:
+
          servicePort:
+
        path:
+
  tls:
+
  - hosts:
+
  - - [string]:
+
    secretName:
+
status:
+
  loadBalancer:
+
    ingress:
+
    - hostname:
+
      ip:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-ingresses]] +=== Create a Ingress +Create an Ingress + +==== HTTP request +---- +POST /apis/extensions/v1beta1/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/ingresses <<'EOF' +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Ingress +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-ingresses]] +=== Create a Ingress in a namespace +Create an Ingress + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses <<'EOF' +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Ingress +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-ingresses-name]] +=== Get a Ingress in a namespace +Read the specified Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-ingresses]] +=== Get all Ingresses +List or watch objects of kind Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/ingresses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.IngressList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-ingresses]] +=== Get all Ingresses in a namespace +List or watch objects of kind Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.IngressList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-ingresses-name]] +=== Watch a Ingress in a namespace +Watch changes to an object of kind Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/ingresses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/ingresses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-ingresses]] +=== Watch all Ingresses +Watch individual changes to a list of Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/ingresses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-ingresses]] +=== Watch all Ingresses in a namespace +Watch individual changes to a list of Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/ingresses +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-ingresses-name]] +=== Update a Ingress in a namespace +Replace the specified Ingress + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME <<'EOF' +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Ingress +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-ingresses-name]] +=== Patch a Ingress in a namespace +Partially update the specified Ingress + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-ingresses-name]] +=== Delete a Ingress in a namespace +Delete an Ingress + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-ingresses]] +=== Delete all Ingresses in a namespace +Delete collection of Ingress + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-ingresses-name-status]] +=== Get status of a Ingress in a namespace +Read status of the specified Ingress + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-ingresses-name-status]] +=== Update status of a Ingress in a namespace +Replace status of the specified Ingress + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status <<'EOF' +{ + "kind": "Ingress", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Ingress +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-ingresses-name-status]] +=== Patch status of a Ingress in a namespace +Partially update status of the specified Ingress + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/ingresses/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Ingress +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Ingress +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.NetworkPolicy.adoc b/rest_api/apis-extensions/v1beta1.NetworkPolicy.adoc new file mode 100644 index 000000000000..0db19a288070 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.NetworkPolicy.adoc @@ -0,0 +1,913 @@ += v1beta1.NetworkPolicy +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +NetworkPolicy describes what network traffic is allowed for a set of Pods + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  ingress:
+
  - from:
+
  - - namespaceSelector:
+
  - -   matchExpressions:
+
  - -   - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
      podSelector:
+
        matchExpressions:
+
        - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
    ports:
+
    - port:
+
      protocol:
+
  podSelector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-networkpolicies]] +=== Create a NetworkPolicy +Create a NetworkPolicy + +==== HTTP request +---- +POST /apis/extensions/v1beta1/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/networkpolicies <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.NetworkPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-networkpolicies]] +=== Create a NetworkPolicy in a namespace +Create a NetworkPolicy + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.NetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-networkpolicies-name]] +=== Get a NetworkPolicy in a namespace +Read the specified NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-networkpolicies]] +=== Get all NetworkPolicies +List or watch objects of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/networkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-networkpolicies]] +=== Get all NetworkPolicies in a namespace +List or watch objects of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-networkpolicies-name]] +=== Watch a NetworkPolicy in a namespace +Watch changes to an object of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/networkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-networkpolicies]] +=== Watch all NetworkPolicies +Watch individual changes to a list of NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/networkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-networkpolicies]] +=== Watch all NetworkPolicies in a namespace +Watch individual changes to a list of NetworkPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-networkpolicies-name]] +=== Update a NetworkPolicy in a namespace +Replace the specified NetworkPolicy + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.NetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-networkpolicies-name]] +=== Patch a NetworkPolicy in a namespace +Partially update the specified NetworkPolicy + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-networkpolicies-name]] +=== Delete a NetworkPolicy in a namespace +Delete a NetworkPolicy + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-networkpolicies]] +=== Delete all NetworkPolicies in a namespace +Delete collection of NetworkPolicy + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.PodSecurityPolicy.adoc b/rest_api/apis-extensions/v1beta1.PodSecurityPolicy.adoc new file mode 100644 index 000000000000..bb9df871298b --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.PodSecurityPolicy.adoc @@ -0,0 +1,711 @@ += v1beta1.PodSecurityPolicy +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  allowedCapabilities:
+
  - [string]:
+
  defaultAddCapabilities:
+
  - [string]:
+
  fsGroup:
+
    ranges:
+
    - max:
+
      min:
+
    rule:
+
  hostIPC:
+
  hostNetwork:
+
  hostPID:
+
  hostPorts:
+
  - max:
+
    min:
+
  privileged:
+
  readOnlyRootFilesystem:
+
  requiredDropCapabilities:
+
  - [string]:
+
  runAsUser:
+
    ranges:
+
    - max:
+
      min:
+
    rule:
+
  seLinux:
+
    rule:
+
    seLinuxOptions:
+
      level:
+
      role:
+
      type:
+
      user:
+
  supplementalGroups:
+
    ranges:
+
    - max:
+
      min:
+
    rule:
+
  volumes:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-podsecuritypolicies]] +=== Create a PodSecurityPolicy +Create a PodSecurityPolicy + +==== HTTP request +---- +POST /apis/extensions/v1beta1/podsecuritypolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicy", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies <<'EOF' +{ + "kind": "PodSecurityPolicy", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodSecurityPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-podsecuritypolicies-name]] +=== Get a PodSecurityPolicy +Read the specified PodSecurityPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/podsecuritypolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodSecurityPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-podsecuritypolicies]] +=== Get all PodSecurityPolicies +List or watch objects of kind PodSecurityPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/podsecuritypolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodSecurityPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-podsecuritypolicies-name]] +=== Watch a PodSecurityPolicy +Watch changes to an object of kind PodSecurityPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/podsecuritypolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/podsecuritypolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-podsecuritypolicies]] +=== Watch all PodSecurityPolicies +Watch individual changes to a list of PodSecurityPolicy + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/podsecuritypolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/podsecuritypolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-podsecuritypolicies-name]] +=== Update a PodSecurityPolicy +Replace the specified PodSecurityPolicy + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/podsecuritypolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicy", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies/$NAME <<'EOF' +{ + "kind": "PodSecurityPolicy", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodSecurityPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodSecurityPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-podsecuritypolicies-name]] +=== Patch a PodSecurityPolicy +Partially update the specified PodSecurityPolicy + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/podsecuritypolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodSecurityPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-podsecuritypolicies-name]] +=== Delete a PodSecurityPolicy +Delete a PodSecurityPolicy + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/podsecuritypolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodSecurityPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-podsecuritypolicies]] +=== Delete all PodSecurityPolicies +Delete collection of PodSecurityPolicy + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/podsecuritypolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/podsecuritypolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.ReplicaSet.adoc b/rest_api/apis-extensions/v1beta1.ReplicaSet.adoc new file mode 100644 index 000000000000..6b585b12aa04 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.ReplicaSet.adoc @@ -0,0 +1,1982 @@ += v1beta1.ReplicaSet +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ReplicaSet represents the configuration of a ReplicaSet. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  replicas:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  availableReplicas:
+
  conditions:
+
  - lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  fullyLabeledReplicas:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-replicasets]] +=== Create a ReplicaSet +Create a ReplicaSet + +==== HTTP request +---- +POST /apis/extensions/v1beta1/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/replicasets <<'EOF' +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ReplicaSet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-extensions-v1beta1-namespaces-namespace-replicasets]] +=== Create a ReplicaSet in a namespace +Create a ReplicaSet + +==== HTTP request +---- +POST /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets <<'EOF' +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ReplicaSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-replicasets-name]] +=== Get a ReplicaSet in a namespace +Read the specified ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-replicasets]] +=== Get all ReplicaSets +List or watch objects of kind ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/replicasets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-replicasets]] +=== Get all ReplicaSets in a namespace +List or watch objects of kind ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-replicasets-name]] +=== Watch a ReplicaSet in a namespace +Watch changes to an object of kind ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/replicasets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/replicasets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-replicasets]] +=== Watch all ReplicaSets +Watch individual changes to a list of ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/replicasets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-namespaces-namespace-replicasets]] +=== Watch all ReplicaSets in a namespace +Watch individual changes to a list of ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/namespaces/$NAMESPACE/replicasets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-replicasets-name]] +=== Update a ReplicaSet in a namespace +Replace the specified ReplicaSet + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME <<'EOF' +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ReplicaSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-replicasets-name]] +=== Patch a ReplicaSet in a namespace +Partially update the specified ReplicaSet + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-replicasets-name]] +=== Delete a ReplicaSet in a namespace +Delete a ReplicaSet + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-namespaces-namespace-replicasets]] +=== Delete all ReplicaSets in a namespace +Delete collection of ReplicaSet + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-scale]] +=== Get scale of a ReplicaSet in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-scale]] +=== Update scale of a ReplicaSet in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-scale]] +=== Patch scale of a ReplicaSet in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-status]] +=== Get status of a ReplicaSet in a namespace +Read status of the specified ReplicaSet + +==== HTTP request +---- +GET /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-status]] +=== Update status of a ReplicaSet in a namespace +Replace status of the specified ReplicaSet + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status <<'EOF' +{ + "kind": "ReplicaSet", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ReplicaSet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-namespaces-namespace-replicasets-name-status]] +=== Patch status of a ReplicaSet in a namespace +Partially update status of the specified ReplicaSet + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/namespaces/$NAMESPACE/replicasets/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ReplicaSet +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ReplicaSet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-extensions/v1beta1.ThirdPartyResource.adoc b/rest_api/apis-extensions/v1beta1.ThirdPartyResource.adoc new file mode 100644 index 000000000000..9b385448ce47 --- /dev/null +++ b/rest_api/apis-extensions/v1beta1.ThirdPartyResource.adoc @@ -0,0 +1,675 @@ += v1beta1.ThirdPartyResource +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +A ThirdPartyResource is a generic representation of a resource, it is used by add-ons and plugins to add new resource types to the API. It consists of one or more Versions of the api. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
description:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
versions:
+
- name:
+

+
+++++ + +== Operations + +[[Post-apis-extensions-v1beta1-thirdpartyresources]] +=== Create a ThirdPartyResource +Create a ThirdPartyResource + +==== HTTP request +---- +POST /apis/extensions/v1beta1/thirdpartyresources HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ThirdPartyResource", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources <<'EOF' +{ + "kind": "ThirdPartyResource", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ThirdPartyResource +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-thirdpartyresources-name]] +=== Get a ThirdPartyResource +Read the specified ThirdPartyResource + +==== HTTP request +---- +GET /apis/extensions/v1beta1/thirdpartyresources/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ThirdPartyResource +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions-v1beta1-thirdpartyresources]] +=== Get all ThirdPartyResources +List or watch objects of kind ThirdPartyResource + +==== HTTP request +---- +GET /apis/extensions/v1beta1/thirdpartyresources HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ThirdPartyResourceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-thirdpartyresources-name]] +=== Watch a ThirdPartyResource +Watch changes to an object of kind ThirdPartyResource + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/thirdpartyresources/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/thirdpartyresources/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-extensions-v1beta1-watch-thirdpartyresources]] +=== Watch all ThirdPartyResources +Watch individual changes to a list of ThirdPartyResource + +==== HTTP request +---- +GET /apis/extensions/v1beta1/watch/thirdpartyresources HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/watch/thirdpartyresources +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-extensions-v1beta1-thirdpartyresources-name]] +=== Update a ThirdPartyResource +Replace the specified ThirdPartyResource + +==== HTTP request +---- +PUT /apis/extensions/v1beta1/thirdpartyresources/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ThirdPartyResource", + "apiVersion": "extensions/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources/$NAME <<'EOF' +{ + "kind": "ThirdPartyResource", + "apiVersion": "extensions/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ThirdPartyResource +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ThirdPartyResource +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-extensions-v1beta1-thirdpartyresources-name]] +=== Patch a ThirdPartyResource +Partially update the specified ThirdPartyResource + +==== HTTP request +---- +PATCH /apis/extensions/v1beta1/thirdpartyresources/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ThirdPartyResource +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-thirdpartyresources-name]] +=== Delete a ThirdPartyResource +Delete a ThirdPartyResource + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/thirdpartyresources/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ThirdPartyResource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-extensions-v1beta1-thirdpartyresources]] +=== Delete all ThirdPartyResources +Delete collection of ThirdPartyResource + +==== HTTP request +---- +DELETE /apis/extensions/v1beta1/thirdpartyresources HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/v1beta1/thirdpartyresources +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.Image.adoc b/rest_api/apis-image.openshift.io/v1.Image.adoc new file mode 100644 index 000000000000..5ac768702d18 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.Image.adoc @@ -0,0 +1,776 @@ += v1.Image +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Image is an immutable representation of a Docker image and metadata at a point in time. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
dockerImageConfig:
+
dockerImageLayers:
+
- mediaType:
+
  name:
+
  size:
+
dockerImageManifest:
+
dockerImageManifestMediaType:
+
dockerImageMetadata:
+
  Raw:
+
dockerImageMetadataVersion:
+
dockerImageReference:
+
dockerImageSignatures:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
signatures:
+
- apiVersion:
+
  conditions:
+
  - lastProbeTime:
+
    lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  content:
+
  created:
+
  imageIdentity:
+
  issuedBy:
+
    commonName:
+
    organization:
+
  issuedTo:
+
    commonName:
+
    organization:
+
    publicKeyID:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signedClaims:
+
    [string]:
+
  type:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-images]] +=== Create a Image +Create an Image + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Image", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images <<'EOF' +{ + "kind": "Image", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-images-name]] +=== Get a Image +Read the specified Image + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-images]] +=== Get all Images +List or watch objects of kind Image + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-watch-images-name]] +=== Watch a Image +Watch changes to an object of kind Image + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/watch/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/watch/images/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-watch-images]] +=== Watch all Images +Watch individual changes to a list of Image + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/watch/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/watch/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-image.openshift.io-v1-images-name]] +=== Update a Image +Replace the specified Image + +==== HTTP request +---- +PUT /apis/image.openshift.io/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Image", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images/$NAME <<'EOF' +{ + "kind": "Image", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Image +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-image.openshift.io-v1-images-name]] +=== Patch a Image +Partially update the specified Image + +==== HTTP request +---- +PATCH /apis/image.openshift.io/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-images-name]] +=== Delete a Image +Delete an Image + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-images]] +=== Delete all Images +Delete collection of Image + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageSignature.adoc b/rest_api/apis-image.openshift.io/v1.ImageSignature.adoc new file mode 100644 index 000000000000..3dfe572f24b7 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageSignature.adoc @@ -0,0 +1,241 @@ += v1.ImageSignature +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
conditions:
+
- lastProbeTime:
+
  lastTransitionTime:
+
  message:
+
  reason:
+
  status:
+
  type:
+
content:
+
created:
+
imageIdentity:
+
issuedBy:
+
  commonName:
+
  organization:
+
issuedTo:
+
  commonName:
+
  organization:
+
  publicKeyID:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
signedClaims:
+
  [string]:
+
type:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-imagesignatures]] +=== Create a ImageSignature +Create an ImageSignature + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/imagesignatures HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageSignature", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagesignatures <<'EOF' +{ + "kind": "ImageSignature", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageSignature +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageSignature +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-imagesignatures-name]] +=== Delete a ImageSignature +Delete an ImageSignature + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/imagesignatures/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagesignatures/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageSignature +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageStream.adoc b/rest_api/apis-image.openshift.io/v1.ImageStream.adoc new file mode 100644 index 000000000000..2fcd6dd5c578 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageStream.adoc @@ -0,0 +1,1191 @@ += v1.ImageStream +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a Docker image repository on a registry. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  dockerImageRepository:
+
  lookupPolicy:
+
    local:
+
  tags:
+
  - annotations:
+
  -   [string]:
+
    from:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    generation:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    name:
+
    reference:
+
    referencePolicy:
+
      type:
+
status:
+
  dockerImageRepository:
+
  publicDockerImageRepository:
+
  tags:
+
  - conditions:
+
  - - generation:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    items:
+
    - created:
+
      dockerImageReference:
+
      generation:
+
      image:
+
    tag:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-imagestreams]] +=== Create a ImageStream +Create an ImageStream + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreams <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-image.openshift.io-v1-namespaces-namespace-imagestreams]] +=== Create a ImageStream in a namespace +Create an ImageStream + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name]] +=== Get a ImageStream in a namespace +Read the specified ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-imagestreams]] +=== Get all ImageStreams +List or watch objects of kind ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreams +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreams]] +=== Get all ImageStreams in a namespace +List or watch objects of kind ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-watch-namespaces-namespace-imagestreams-name]] +=== Watch a ImageStream in a namespace +Watch changes to an object of kind ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/watch/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/watch/namespaces/$NAMESPACE/imagestreams/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-watch-imagestreams]] +=== Watch all ImageStreams +Watch individual changes to a list of ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/watch/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/watch/imagestreams +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-watch-namespaces-namespace-imagestreams]] +=== Watch all ImageStreams in a namespace +Watch individual changes to a list of ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/watch/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/watch/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name]] +=== Update a ImageStream in a namespace +Replace the specified ImageStream + +==== HTTP request +---- +PUT /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name]] +=== Patch a ImageStream in a namespace +Partially update the specified ImageStream + +==== HTTP request +---- +PATCH /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name]] +=== Delete a ImageStream in a namespace +Delete an ImageStream + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-namespaces-namespace-imagestreams]] +=== Delete all ImageStreams in a namespace +Delete collection of ImageStream + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name-secrets]] +=== Get secrets of a ImageStream in a namespace +Read secrets of the specified SecretList + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/secrets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecretList +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecretList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name-status]] +=== Get status of a ImageStream in a namespace +Read status of the specified ImageStream + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name-status]] +=== Update status of a ImageStream in a namespace +Replace status of the specified ImageStream + +==== HTTP request +---- +PUT /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-image.openshift.io-v1-namespaces-namespace-imagestreams-name-status]] +=== Patch status of a ImageStream in a namespace +Partially update status of the specified ImageStream + +==== HTTP request +---- +PATCH /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageStreamImage.adoc b/rest_api/apis-image.openshift.io/v1.ImageStreamImage.adoc new file mode 100644 index 000000000000..568fbd52d06c --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageStreamImage.adoc @@ -0,0 +1,326 @@ += v1.ImageStreamImage +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamImage represents an Image that is retrieved by image name from an ImageStream. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreamimages-name]] +=== Get a ImageStreamImage in a namespace +Read the specified ImageStreamImage + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamimages/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamimages/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamImage +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImage +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageStreamImport.adoc b/rest_api/apis-image.openshift.io/v1.ImageStreamImport.adoc new file mode 100644 index 000000000000..71802e09b6e7 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageStreamImport.adoc @@ -0,0 +1,821 @@ += v1.ImageStreamImport +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +The image stream import resource provides an easy way for a user to find and import Docker images from other Docker registries into the server. Individual images or an entire image repository may be imported, and users may choose to see the results of the import prior to tagging the resulting images into the specified image stream. + +This API is intended for end-user tools that need to see the metadata of the image prior to import (for instance, to generate an application from it). Clients that know the desired image can continue to create spec.tags directly into their image streams. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  images:
+
  - from:
+
  -   apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    includeManifest:
+
    referencePolicy:
+
      type:
+
    to:
+
      name:
+
  import:
+
  repository:
+
    from:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    includeManifest:
+
    referencePolicy:
+
      type:
+
status:
+
  images:
+
  - image:
+
  -   apiVersion:
+
      dockerImageConfig:
+
      dockerImageLayers:
+
      - mediaType:
+
        name:
+
        size:
+
      dockerImageManifest:
+
      dockerImageManifestMediaType:
+
      dockerImageMetadata:
+
        Raw:
+
      dockerImageMetadataVersion:
+
      dockerImageReference:
+
      dockerImageSignatures:
+
      - [string]:
+
      kind:
+
      metadata:
+
        annotations:
+
          [string]:
+
        clusterName:
+
        creationTimestamp:
+
        deletionGracePeriodSeconds:
+
        deletionTimestamp:
+
        finalizers:
+
        - [string]:
+
        generateName:
+
        generation:
+
        initializers:
+
          pending:
+
          - name:
+
          result:
+
            apiVersion:
+
            code:
+
            details:
+
              causes:
+
              - field:
+
                message:
+
                reason:
+
              group:
+
              kind:
+
              name:
+
              retryAfterSeconds:
+
              uid:
+
            kind:
+
            message:
+
            metadata:
+
              resourceVersion:
+
              selfLink:
+
            reason:
+
            status:
+
        labels:
+
          [string]:
+
        name:
+
        namespace:
+
        ownerReferences:
+
        - apiVersion:
+
          blockOwnerDeletion:
+
          controller:
+
          kind:
+
          name:
+
          uid:
+
        resourceVersion:
+
        selfLink:
+
        uid:
+
      signatures:
+
      - apiVersion:
+
        conditions:
+
        - lastProbeTime:
+
          lastTransitionTime:
+
          message:
+
          reason:
+
          status:
+
          type:
+
        content:
+
        created:
+
        imageIdentity:
+
        issuedBy:
+
          commonName:
+
          organization:
+
        issuedTo:
+
          commonName:
+
          organization:
+
          publicKeyID:
+
        kind:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        signedClaims:
+
          [string]:
+
        type:
+
    status:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
    tag:
+
  import:
+
    apiVersion:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      dockerImageRepository:
+
      lookupPolicy:
+
        local:
+
      tags:
+
      - annotations:
+
      -   [string]:
+
        from:
+
          apiVersion:
+
          fieldPath:
+
          kind:
+
          name:
+
          namespace:
+
          resourceVersion:
+
          uid:
+
        generation:
+
        importPolicy:
+
          insecure:
+
          scheduled:
+
        name:
+
        reference:
+
        referencePolicy:
+
          type:
+
    status:
+
      dockerImageRepository:
+
      publicDockerImageRepository:
+
      tags:
+
      - conditions:
+
      - - generation:
+
          lastTransitionTime:
+
          message:
+
          reason:
+
          status:
+
          type:
+
        items:
+
        - created:
+
          dockerImageReference:
+
          generation:
+
          image:
+
        tag:
+
  repository:
+
    additionalTags:
+
    - [string]:
+
    images:
+
    - image:
+
    -   apiVersion:
+
        dockerImageConfig:
+
        dockerImageLayers:
+
        - mediaType:
+
          name:
+
          size:
+
        dockerImageManifest:
+
        dockerImageManifestMediaType:
+
        dockerImageMetadata:
+
          Raw:
+
        dockerImageMetadataVersion:
+
        dockerImageReference:
+
        dockerImageSignatures:
+
        - [string]:
+
        kind:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        signatures:
+
        - apiVersion:
+
          conditions:
+
          - lastProbeTime:
+
            lastTransitionTime:
+
            message:
+
            reason:
+
            status:
+
            type:
+
          content:
+
          created:
+
          imageIdentity:
+
          issuedBy:
+
            commonName:
+
            organization:
+
          issuedTo:
+
            commonName:
+
            organization:
+
            publicKeyID:
+
          kind:
+
          metadata:
+
            annotations:
+
              [string]:
+
            clusterName:
+
            creationTimestamp:
+
            deletionGracePeriodSeconds:
+
            deletionTimestamp:
+
            finalizers:
+
            - [string]:
+
            generateName:
+
            generation:
+
            initializers:
+
              pending:
+
              - name:
+
              result:
+
                apiVersion:
+
                code:
+
                details:
+
                  causes:
+
                  - field:
+
                    message:
+
                    reason:
+
                  group:
+
                  kind:
+
                  name:
+
                  retryAfterSeconds:
+
                  uid:
+
                kind:
+
                message:
+
                metadata:
+
                  resourceVersion:
+
                  selfLink:
+
                reason:
+
                status:
+
            labels:
+
              [string]:
+
            name:
+
            namespace:
+
            ownerReferences:
+
            - apiVersion:
+
              blockOwnerDeletion:
+
              controller:
+
              kind:
+
              name:
+
              uid:
+
            resourceVersion:
+
            selfLink:
+
            uid:
+
          signedClaims:
+
            [string]:
+
          type:
+
      status:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
      tag:
+
    status:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-imagestreamimports]] +=== Create a ImageStreamImport +Create an ImageStreamImport + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/imagestreamimports HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamImport", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreamimports <<'EOF' +{ + "kind": "ImageStreamImport", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamImport +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImport +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-image.openshift.io-v1-namespaces-namespace-imagestreamimports]] +=== Create a ImageStreamImport in a namespace +Create an ImageStreamImport + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamimports HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamImport", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamimports <<'EOF' +{ + "kind": "ImageStreamImport", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamImport +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImport +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageStreamMapping.adoc b/rest_api/apis-image.openshift.io/v1.ImageStreamMapping.adoc new file mode 100644 index 000000000000..050230afc725 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageStreamMapping.adoc @@ -0,0 +1,420 @@ += v1.ImageStreamMapping +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamMapping represents a mapping from a single tag to a Docker image as well as the reference to the Docker image stream the image came from. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
tag:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-imagestreammappings]] +=== Create a ImageStreamMapping +Create an ImageStreamMapping + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/imagestreammappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamMapping", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreammappings <<'EOF' +{ + "kind": "ImageStreamMapping", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-image.openshift.io-v1-namespaces-namespace-imagestreammappings]] +=== Create a ImageStreamMapping in a namespace +Create an ImageStreamMapping + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreammappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamMapping", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreammappings <<'EOF' +{ + "kind": "ImageStreamMapping", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamMapping +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-image.openshift.io/v1.ImageStreamTag.adoc b/rest_api/apis-image.openshift.io/v1.ImageStreamTag.adoc new file mode 100644 index 000000000000..66dcee124523 --- /dev/null +++ b/rest_api/apis-image.openshift.io/v1.ImageStreamTag.adoc @@ -0,0 +1,826 @@ += v1.ImageStreamTag +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamTag represents an Image that is retrieved by tag name from an ImageStream. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
conditions:
+
- generation:
+
  lastTransitionTime:
+
  message:
+
  reason:
+
  status:
+
  type:
+
generation:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
lookupPolicy:
+
  local:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
tag:
+
  annotations:
+
    [string]:
+
  from:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  generation:
+
  importPolicy:
+
    insecure:
+
    scheduled:
+
  name:
+
  reference:
+
  referencePolicy:
+
    type:
+

+
+++++ + +== Operations + +[[Post-apis-image.openshift.io-v1-imagestreamtags]] +=== Create a ImageStreamTag +Create an ImageStreamTag + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreamtags <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags]] +=== Create a ImageStreamTag in a namespace +Create an ImageStreamTag + +==== HTTP request +---- +POST /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags-name]] +=== Get a ImageStreamTag in a namespace +Read the specified ImageStreamTag + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io-v1-imagestreamtags]] +=== Get all ImageStreamTags +List objects of kind ImageStreamTag + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/imagestreamtags +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTagList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags]] +=== Get all ImageStreamTags in a namespace +List objects of kind ImageStreamTag + +==== HTTP request +---- +GET /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTagList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags-name]] +=== Update a ImageStreamTag in a namespace +Replace the specified ImageStreamTag + +==== HTTP request +---- +PUT /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "image.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags-name]] +=== Patch a ImageStreamTag in a namespace +Partially update the specified ImageStreamTag + +==== HTTP request +---- +PATCH /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-image.openshift.io-v1-namespaces-namespace-imagestreamtags-name]] +=== Delete a ImageStreamTag in a namespace +Delete an ImageStreamTag + +==== HTTP request +---- +DELETE /apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-network.openshift.io/v1.ClusterNetwork.adoc b/rest_api/apis-network.openshift.io/v1.ClusterNetwork.adoc new file mode 100644 index 000000000000..07cbdd805d6b --- /dev/null +++ b/rest_api/apis-network.openshift.io/v1.ClusterNetwork.adoc @@ -0,0 +1,676 @@ += v1.ClusterNetwork +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterNetwork describes the cluster network. There is normally only one object of this type, named "default", which is created by the SDN network plugin based on the master configuration when the cluster is brought up for the first time. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
hostsubnetlength:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
network:
+
pluginName:
+
serviceNetwork:
+

+
+++++ + +== Operations + +[[Post-apis-network.openshift.io-v1-clusternetworks]] +=== Create a ClusterNetwork +Create a ClusterNetwork + +==== HTTP request +---- +POST /apis/network.openshift.io/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterNetwork", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks <<'EOF' +{ + "kind": "ClusterNetwork", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-clusternetworks-name]] +=== Get a ClusterNetwork +Read the specified ClusterNetwork + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-clusternetworks]] +=== Get all ClusterNetworks +List or watch objects of kind ClusterNetwork + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetworkList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-clusternetworks-name]] +=== Watch a ClusterNetwork +Watch changes to an object of kind ClusterNetwork + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/clusternetworks/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-clusternetworks]] +=== Watch all ClusterNetworks +Watch individual changes to a list of ClusterNetwork + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-network.openshift.io-v1-clusternetworks-name]] +=== Update a ClusterNetwork +Replace the specified ClusterNetwork + +==== HTTP request +---- +PUT /apis/network.openshift.io/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterNetwork", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks/$NAME <<'EOF' +{ + "kind": "ClusterNetwork", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterNetwork +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-network.openshift.io-v1-clusternetworks-name]] +=== Patch a ClusterNetwork +Partially update the specified ClusterNetwork + +==== HTTP request +---- +PATCH /apis/network.openshift.io/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-clusternetworks-name]] +=== Delete a ClusterNetwork +Delete a ClusterNetwork + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-clusternetworks]] +=== Delete all ClusterNetworks +Delete collection of ClusterNetwork + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-network.openshift.io/v1.EgressNetworkPolicy.adoc b/rest_api/apis-network.openshift.io/v1.EgressNetworkPolicy.adoc new file mode 100644 index 000000000000..7727885e9482 --- /dev/null +++ b/rest_api/apis-network.openshift.io/v1.EgressNetworkPolicy.adoc @@ -0,0 +1,889 @@ += v1.EgressNetworkPolicy +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +EgressNetworkPolicy describes the current egress network policy for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy is present) then the traffic will be allowed by default. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  egress:
+
  - to:
+
  -   cidrSelector:
+
      dnsName:
+
    type:
+

+
+++++ + +== Operations + +[[Post-apis-network.openshift.io-v1-egressnetworkpolicies]] +=== Create a EgressNetworkPolicy +Create an EgressNetworkPolicy + +==== HTTP request +---- +POST /apis/network.openshift.io/v1/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/egressnetworkpolicies <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies]] +=== Create a EgressNetworkPolicy in a namespace +Create an EgressNetworkPolicy + +==== HTTP request +---- +POST /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Get a EgressNetworkPolicy in a namespace +Read the specified EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-egressnetworkpolicies]] +=== Get all EgressNetworkPolicies +List or watch objects of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/egressnetworkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies]] +=== Get all EgressNetworkPolicies in a namespace +List or watch objects of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-namespaces-namespace-egressnetworkpolicies-name]] +=== Watch a EgressNetworkPolicy in a namespace +Watch changes to an object of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-egressnetworkpolicies]] +=== Watch all EgressNetworkPolicies +Watch individual changes to a list of EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/egressnetworkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-namespaces-namespace-egressnetworkpolicies]] +=== Watch all EgressNetworkPolicies in a namespace +Watch individual changes to a list of EgressNetworkPolicy + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Update a EgressNetworkPolicy in a namespace +Replace the specified EgressNetworkPolicy + +==== HTTP request +---- +PUT /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Patch a EgressNetworkPolicy in a namespace +Partially update the specified EgressNetworkPolicy + +==== HTTP request +---- +PATCH /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Delete a EgressNetworkPolicy in a namespace +Delete an EgressNetworkPolicy + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-namespaces-namespace-egressnetworkpolicies]] +=== Delete all EgressNetworkPolicies in a namespace +Delete collection of EgressNetworkPolicy + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-network.openshift.io/v1.HostSubnet.adoc b/rest_api/apis-network.openshift.io/v1.HostSubnet.adoc new file mode 100644 index 000000000000..6d16f2adeda8 --- /dev/null +++ b/rest_api/apis-network.openshift.io/v1.HostSubnet.adoc @@ -0,0 +1,675 @@ += v1.HostSubnet +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +HostSubnet describes the container subnet network on a node. The HostSubnet object must have the same name as the Node object it corresponds to. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
host:
+
hostIP:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
subnet:
+

+
+++++ + +== Operations + +[[Post-apis-network.openshift.io-v1-hostsubnets]] +=== Create a HostSubnet +Create a HostSubnet + +==== HTTP request +---- +POST /apis/network.openshift.io/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HostSubnet", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets <<'EOF' +{ + "kind": "HostSubnet", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-hostsubnets-name]] +=== Get a HostSubnet +Read the specified HostSubnet + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-hostsubnets]] +=== Get all HostSubnets +List or watch objects of kind HostSubnet + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-hostsubnets-name]] +=== Watch a HostSubnet +Watch changes to an object of kind HostSubnet + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/hostsubnets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-hostsubnets]] +=== Watch all HostSubnets +Watch individual changes to a list of HostSubnet + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-network.openshift.io-v1-hostsubnets-name]] +=== Update a HostSubnet +Replace the specified HostSubnet + +==== HTTP request +---- +PUT /apis/network.openshift.io/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HostSubnet", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets/$NAME <<'EOF' +{ + "kind": "HostSubnet", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HostSubnet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-network.openshift.io-v1-hostsubnets-name]] +=== Patch a HostSubnet +Partially update the specified HostSubnet + +==== HTTP request +---- +PATCH /apis/network.openshift.io/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-hostsubnets-name]] +=== Delete a HostSubnet +Delete a HostSubnet + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-hostsubnets]] +=== Delete all HostSubnets +Delete collection of HostSubnet + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-network.openshift.io/v1.NetNamespace.adoc b/rest_api/apis-network.openshift.io/v1.NetNamespace.adoc new file mode 100644 index 000000000000..6d24cadcf76c --- /dev/null +++ b/rest_api/apis-network.openshift.io/v1.NetNamespace.adoc @@ -0,0 +1,674 @@ += v1.NetNamespace +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
netid:
+
netname:
+

+
+++++ + +== Operations + +[[Post-apis-network.openshift.io-v1-netnamespaces]] +=== Create a NetNamespace +Create a NetNamespace + +==== HTTP request +---- +POST /apis/network.openshift.io/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetNamespace", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces <<'EOF' +{ + "kind": "NetNamespace", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-netnamespaces-name]] +=== Get a NetNamespace +Read the specified NetNamespace + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io-v1-netnamespaces]] +=== Get all NetNamespaces +List or watch objects of kind NetNamespace + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespaceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-netnamespaces-name]] +=== Watch a NetNamespace +Watch changes to an object of kind NetNamespace + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/netnamespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-network.openshift.io-v1-watch-netnamespaces]] +=== Watch all NetNamespaces +Watch individual changes to a list of NetNamespace + +==== HTTP request +---- +GET /apis/network.openshift.io/v1/watch/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/watch/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-network.openshift.io-v1-netnamespaces-name]] +=== Update a NetNamespace +Replace the specified NetNamespace + +==== HTTP request +---- +PUT /apis/network.openshift.io/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetNamespace", + "apiVersion": "network.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces/$NAME <<'EOF' +{ + "kind": "NetNamespace", + "apiVersion": "network.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetNamespace +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-network.openshift.io-v1-netnamespaces-name]] +=== Patch a NetNamespace +Partially update the specified NetNamespace + +==== HTTP request +---- +PATCH /apis/network.openshift.io/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-netnamespaces-name]] +=== Delete a NetNamespace +Delete a NetNamespace + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-network.openshift.io-v1-netnamespaces]] +=== Delete all NetNamespaces +Delete collection of NetNamespace + +==== HTTP request +---- +DELETE /apis/network.openshift.io/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/v1/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-networking.k8s.io/v1.NetworkPolicy.adoc b/rest_api/apis-networking.k8s.io/v1.NetworkPolicy.adoc new file mode 100644 index 000000000000..cf152c594b3b --- /dev/null +++ b/rest_api/apis-networking.k8s.io/v1.NetworkPolicy.adoc @@ -0,0 +1,913 @@ += v1.NetworkPolicy +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +NetworkPolicy describes what network traffic is allowed for a set of Pods + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  ingress:
+
  - from:
+
  - - namespaceSelector:
+
  - -   matchExpressions:
+
  - -   - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
      podSelector:
+
        matchExpressions:
+
        - key:
+
          operator:
+
          values:
+
          - [string]:
+
        matchLabels:
+
          [string]:
+
    ports:
+
    - port:
+
      protocol:
+
  podSelector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+

+
+++++ + +== Operations + +[[Post-apis-networking.k8s.io-v1-networkpolicies]] +=== Create a NetworkPolicy +Create a NetworkPolicy + +==== HTTP request +---- +POST /apis/networking.k8s.io/v1/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/networkpolicies <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetworkPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies]] +=== Create a NetworkPolicy in a namespace +Create a NetworkPolicy + +==== HTTP request +---- +POST /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies-name]] +=== Get a NetworkPolicy in a namespace +Read the specified NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-networking.k8s.io-v1-networkpolicies]] +=== Get all NetworkPolicies +List or watch objects of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/networkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies]] +=== Get all NetworkPolicies in a namespace +List or watch objects of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-networking.k8s.io-v1-watch-namespaces-namespace-networkpolicies-name]] +=== Watch a NetworkPolicy in a namespace +Watch changes to an object of kind NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/watch/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/watch/namespaces/$NAMESPACE/networkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-networking.k8s.io-v1-watch-networkpolicies]] +=== Watch all NetworkPolicies +Watch individual changes to a list of NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/watch/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/watch/networkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-networking.k8s.io-v1-watch-namespaces-namespace-networkpolicies]] +=== Watch all NetworkPolicies in a namespace +Watch individual changes to a list of NetworkPolicy + +==== HTTP request +---- +GET /apis/networking.k8s.io/v1/watch/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/watch/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies-name]] +=== Update a NetworkPolicy in a namespace +Replace the specified NetworkPolicy + +==== HTTP request +---- +PUT /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + "kind": "NetworkPolicy", + "apiVersion": "networking.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies-name]] +=== Patch a NetworkPolicy in a namespace +Partially update the specified NetworkPolicy + +==== HTTP request +---- +PATCH /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies-name]] +=== Delete a NetworkPolicy in a namespace +Delete a NetworkPolicy + +==== HTTP request +---- +DELETE /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-networking.k8s.io-v1-namespaces-namespace-networkpolicies]] +=== Delete all NetworkPolicies in a namespace +Delete collection of NetworkPolicy + +==== HTTP request +---- +DELETE /apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/v1/namespaces/$NAMESPACE/networkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-oauth.openshift.io/v1.OAuthAccessToken.adoc b/rest_api/apis-oauth.openshift.io/v1.OAuthAccessToken.adoc new file mode 100644 index 000000000000..84a292da74a0 --- /dev/null +++ b/rest_api/apis-oauth.openshift.io/v1.OAuthAccessToken.adoc @@ -0,0 +1,681 @@ += v1.OAuthAccessToken +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthAccessToken describes an OAuth access token + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
authorizeToken:
+
clientName:
+
expiresIn:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURI:
+
refreshToken:
+
scopes:
+
- [string]:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-apis-oauth.openshift.io-v1-oauthaccesstokens]] +=== Create a OAuthAccessToken +Create an OAuthAccessToken + +==== HTTP request +---- +POST /apis/oauth.openshift.io/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAccessToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens <<'EOF' +{ + "kind": "OAuthAccessToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthaccesstokens-name]] +=== Get a OAuthAccessToken +Read the specified OAuthAccessToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthaccesstokens]] +=== Get all OAuthAccessTokens +List or watch objects of kind OAuthAccessToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessTokenList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthaccesstokens-name]] +=== Watch a OAuthAccessToken +Watch changes to an object of kind OAuthAccessToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthaccesstokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthaccesstokens]] +=== Watch all OAuthAccessTokens +Watch individual changes to a list of OAuthAccessToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-oauth.openshift.io-v1-oauthaccesstokens-name]] +=== Update a OAuthAccessToken +Replace the specified OAuthAccessToken + +==== HTTP request +---- +PUT /apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAccessToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME <<'EOF' +{ + "kind": "OAuthAccessToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAccessToken +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-oauth.openshift.io-v1-oauthaccesstokens-name]] +=== Patch a OAuthAccessToken +Partially update the specified OAuthAccessToken + +==== HTTP request +---- +PATCH /apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthaccesstokens-name]] +=== Delete a OAuthAccessToken +Delete an OAuthAccessToken + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthaccesstokens]] +=== Delete all OAuthAccessTokens +Delete collection of OAuthAccessToken + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-oauth.openshift.io/v1.OAuthAuthorizeToken.adoc b/rest_api/apis-oauth.openshift.io/v1.OAuthAuthorizeToken.adoc new file mode 100644 index 000000000000..2aa07bf8991f --- /dev/null +++ b/rest_api/apis-oauth.openshift.io/v1.OAuthAuthorizeToken.adoc @@ -0,0 +1,682 @@ += v1.OAuthAuthorizeToken +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthAuthorizeToken describes an OAuth authorization token + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
clientName:
+
codeChallenge:
+
codeChallengeMethod:
+
expiresIn:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURI:
+
scopes:
+
- [string]:
+
state:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-apis-oauth.openshift.io-v1-oauthauthorizetokens]] +=== Create a OAuthAuthorizeToken +Create an OAuthAuthorizeToken + +==== HTTP request +---- +POST /apis/oauth.openshift.io/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens <<'EOF' +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthauthorizetokens-name]] +=== Get a OAuthAuthorizeToken +Read the specified OAuthAuthorizeToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthauthorizetokens]] +=== Get all OAuthAuthorizeTokens +List or watch objects of kind OAuthAuthorizeToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeTokenList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthauthorizetokens-name]] +=== Watch a OAuthAuthorizeToken +Watch changes to an object of kind OAuthAuthorizeToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthauthorizetokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthauthorizetokens]] +=== Watch all OAuthAuthorizeTokens +Watch individual changes to a list of OAuthAuthorizeToken + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-oauth.openshift.io-v1-oauthauthorizetokens-name]] +=== Update a OAuthAuthorizeToken +Replace the specified OAuthAuthorizeToken + +==== HTTP request +---- +PUT /apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAuthorizeToken +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-oauth.openshift.io-v1-oauthauthorizetokens-name]] +=== Patch a OAuthAuthorizeToken +Partially update the specified OAuthAuthorizeToken + +==== HTTP request +---- +PATCH /apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthauthorizetokens-name]] +=== Delete a OAuthAuthorizeToken +Delete an OAuthAuthorizeToken + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthauthorizetokens]] +=== Delete all OAuthAuthorizeTokens +Delete collection of OAuthAuthorizeToken + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-oauth.openshift.io/v1.OAuthClient.adoc b/rest_api/apis-oauth.openshift.io/v1.OAuthClient.adoc new file mode 100644 index 000000000000..c0aa05b8c19b --- /dev/null +++ b/rest_api/apis-oauth.openshift.io/v1.OAuthClient.adoc @@ -0,0 +1,691 @@ += v1.OAuthClient +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthClient describes an OAuth client + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
additionalSecrets:
+
- [string]:
+
apiVersion:
+
grantMethod:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURIs:
+
- [string]:
+
respondWithChallenges:
+
scopeRestrictions:
+
- clusterRole:
+
-   allowEscalation:
+
    namespaces:
+
    - [string]:
+
    roleNames:
+
    - [string]:
+
  literals:
+
  - [string]:
+
secret:
+

+
+++++ + +== Operations + +[[Post-apis-oauth.openshift.io-v1-oauthclients]] +=== Create a OAuthClient +Create an OAuthClient + +==== HTTP request +---- +POST /apis/oauth.openshift.io/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClient", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients <<'EOF' +{ + "kind": "OAuthClient", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthclients-name]] +=== Get a OAuthClient +Read the specified OAuthClient + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthclients]] +=== Get all OAuthClients +List or watch objects of kind OAuthClient + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthclients-name]] +=== Watch a OAuthClient +Watch changes to an object of kind OAuthClient + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthclients/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthclients]] +=== Watch all OAuthClients +Watch individual changes to a list of OAuthClient + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-oauth.openshift.io-v1-oauthclients-name]] +=== Update a OAuthClient +Replace the specified OAuthClient + +==== HTTP request +---- +PUT /apis/oauth.openshift.io/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClient", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients/$NAME <<'EOF' +{ + "kind": "OAuthClient", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClient +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-oauth.openshift.io-v1-oauthclients-name]] +=== Patch a OAuthClient +Partially update the specified OAuthClient + +==== HTTP request +---- +PATCH /apis/oauth.openshift.io/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthclients-name]] +=== Delete a OAuthClient +Delete an OAuthClient + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthclients]] +=== Delete all OAuthClients +Delete collection of OAuthClient + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-oauth.openshift.io/v1.OAuthClientAuthorization.adoc b/rest_api/apis-oauth.openshift.io/v1.OAuthClientAuthorization.adoc new file mode 100644 index 000000000000..c95879721db1 --- /dev/null +++ b/rest_api/apis-oauth.openshift.io/v1.OAuthClientAuthorization.adoc @@ -0,0 +1,677 @@ += v1.OAuthClientAuthorization +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthClientAuthorization describes an authorization created by an OAuth client + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
clientName:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
scopes:
+
- [string]:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-apis-oauth.openshift.io-v1-oauthclientauthorizations]] +=== Create a OAuthClientAuthorization +Create an OAuthClientAuthorization + +==== HTTP request +---- +POST /apis/oauth.openshift.io/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations <<'EOF' +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthclientauthorizations-name]] +=== Get a OAuthClientAuthorization +Read the specified OAuthClientAuthorization + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io-v1-oauthclientauthorizations]] +=== Get all OAuthClientAuthorizations +List or watch objects of kind OAuthClientAuthorization + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorizationList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthclientauthorizations-name]] +=== Watch a OAuthClientAuthorization +Watch changes to an object of kind OAuthClientAuthorization + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthclientauthorizations/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-oauth.openshift.io-v1-watch-oauthclientauthorizations]] +=== Watch all OAuthClientAuthorizations +Watch individual changes to a list of OAuthClientAuthorization + +==== HTTP request +---- +GET /apis/oauth.openshift.io/v1/watch/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/watch/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-oauth.openshift.io-v1-oauthclientauthorizations-name]] +=== Update a OAuthClientAuthorization +Replace the specified OAuthClientAuthorization + +==== HTTP request +---- +PUT /apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "oauth.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "oauth.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClientAuthorization +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-oauth.openshift.io-v1-oauthclientauthorizations-name]] +=== Patch a OAuthClientAuthorization +Partially update the specified OAuthClientAuthorization + +==== HTTP request +---- +PATCH /apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthclientauthorizations-name]] +=== Delete a OAuthClientAuthorization +Delete an OAuthClientAuthorization + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-oauth.openshift.io-v1-oauthclientauthorizations]] +=== Delete all OAuthClientAuthorizations +Delete collection of OAuthClientAuthorization + +==== HTTP request +---- +DELETE /apis/oauth.openshift.io/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/v1/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-policy/v1beta1.PodDisruptionBudget.adoc b/rest_api/apis-policy/v1beta1.PodDisruptionBudget.adoc new file mode 100644 index 000000000000..a6180338f308 --- /dev/null +++ b/rest_api/apis-policy/v1beta1.PodDisruptionBudget.adoc @@ -0,0 +1,1110 @@ += v1beta1.PodDisruptionBudget +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  maxUnavailable:
+
  minAvailable:
+
  selector:
+
    matchExpressions:
+
    - key:
+
      operator:
+
      values:
+
      - [string]:
+
    matchLabels:
+
      [string]:
+
status:
+
  currentHealthy:
+
  desiredHealthy:
+
  disruptedPods:
+
    [string]:
+
  disruptionsAllowed:
+
  expectedPods:
+
  observedGeneration:
+

+
+++++ + +== Operations + +[[Post-apis-policy-v1beta1-poddisruptionbudgets]] +=== Create a PodDisruptionBudget +Create a PodDisruptionBudget + +==== HTTP request +---- +POST /apis/policy/v1beta1/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/poddisruptionbudgets <<'EOF' +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodDisruptionBudget +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets]] +=== Create a PodDisruptionBudget in a namespace +Create a PodDisruptionBudget + +==== HTTP request +---- +POST /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets <<'EOF' +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodDisruptionBudget +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name]] +=== Get a PodDisruptionBudget in a namespace +Read the specified PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-policy-v1beta1-poddisruptionbudgets]] +=== Get all PodDisruptionBudgets +List or watch objects of kind PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/poddisruptionbudgets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudgetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets]] +=== Get all PodDisruptionBudgets in a namespace +List or watch objects of kind PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudgetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-policy-v1beta1-watch-namespaces-namespace-poddisruptionbudgets-name]] +=== Watch a PodDisruptionBudget in a namespace +Watch changes to an object of kind PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/watch/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/watch/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-policy-v1beta1-watch-poddisruptionbudgets]] +=== Watch all PodDisruptionBudgets +Watch individual changes to a list of PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/watch/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/watch/poddisruptionbudgets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-policy-v1beta1-watch-namespaces-namespace-poddisruptionbudgets]] +=== Watch all PodDisruptionBudgets in a namespace +Watch individual changes to a list of PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/watch/namespaces/$NAMESPACE/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/watch/namespaces/$NAMESPACE/poddisruptionbudgets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name]] +=== Update a PodDisruptionBudget in a namespace +Replace the specified PodDisruptionBudget + +==== HTTP request +---- +PUT /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME <<'EOF' +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodDisruptionBudget +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name]] +=== Patch a PodDisruptionBudget in a namespace +Partially update the specified PodDisruptionBudget + +==== HTTP request +---- +PATCH /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name]] +=== Delete a PodDisruptionBudget in a namespace +Delete a PodDisruptionBudget + +==== HTTP request +---- +DELETE /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets]] +=== Delete all PodDisruptionBudgets in a namespace +Delete collection of PodDisruptionBudget + +==== HTTP request +---- +DELETE /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name-status]] +=== Get status of a PodDisruptionBudget in a namespace +Read status of the specified PodDisruptionBudget + +==== HTTP request +---- +GET /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name-status]] +=== Update status of a PodDisruptionBudget in a namespace +Replace status of the specified PodDisruptionBudget + +==== HTTP request +---- +PUT /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status <<'EOF' +{ + "kind": "PodDisruptionBudget", + "apiVersion": "policy/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.PodDisruptionBudget +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-policy-v1beta1-namespaces-namespace-poddisruptionbudgets-name-status]] +=== Patch status of a PodDisruptionBudget in a namespace +Partially update status of the specified PodDisruptionBudget + +==== HTTP request +---- +PATCH /apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/policy/v1beta1/namespaces/$NAMESPACE/poddisruptionbudgets/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the PodDisruptionBudget +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.PodDisruptionBudget +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-project.openshift.io/v1.Project.adoc b/rest_api/apis-project.openshift.io/v1.Project.adoc new file mode 100644 index 000000000000..2e555e1c80cc --- /dev/null +++ b/rest_api/apis-project.openshift.io/v1.Project.adoc @@ -0,0 +1,604 @@ += v1.Project +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Projects are the unit of isolation and collaboration in OpenShift. A project has one or more members, a quota on the resources that the project may consume, and the security controls on the resources in the project. Within a project, members may have different roles - project administrators can set membership, editors can create and manage the resources, and viewers can see but not access running containers. In a normal cluster project administrators are not able to alter their quotas - that is restricted to cluster administrators. + +Listing or watching projects will return only projects the user has the reader role on. + +An OpenShift project is an alternative representation of a Kubernetes namespace. Projects are exposed as editable to end users while namespaces are not. Direct creation of a project is typically restricted to administrators, while end users should use the requestproject resource. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  finalizers:
+
  - [string]:
+
status:
+
  phase:
+

+
+++++ + +== Operations + +[[Post-apis-project.openshift.io-v1-projects]] +=== Create a Project +Create a Project + +==== HTTP request +---- +POST /apis/project.openshift.io/v1/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Project", + "apiVersion": "project.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects <<'EOF' +{ + "kind": "Project", + "apiVersion": "project.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-project.openshift.io-v1-projects-name]] +=== Get a Project +Read the specified Project + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-project.openshift.io-v1-projects]] +=== Get all Projects +List or watch objects of kind Project + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ProjectList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-project.openshift.io-v1-watch-projects-name]] +=== Watch a Project +Watch changes to an object of kind Project + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/watch/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/watch/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-project.openshift.io-v1-watch-projects]] +=== Watch all Projects +Watch individual changes to a list of Project + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/watch/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/watch/projects +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-project.openshift.io-v1-projects-name]] +=== Update a Project +Replace the specified Project + +==== HTTP request +---- +PUT /apis/project.openshift.io/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Project", + "apiVersion": "project.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects/$NAME <<'EOF' +{ + "kind": "Project", + "apiVersion": "project.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Project +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-project.openshift.io-v1-projects-name]] +=== Patch a Project +Partially update the specified Project + +==== HTTP request +---- +PATCH /apis/project.openshift.io/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-project.openshift.io-v1-projects-name]] +=== Delete a Project +Delete a Project + +==== HTTP request +---- +DELETE /apis/project.openshift.io/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-project.openshift.io/v1.ProjectRequest.adoc b/rest_api/apis-project.openshift.io/v1.ProjectRequest.adoc new file mode 100644 index 000000000000..3a79d66c6b44 --- /dev/null +++ b/rest_api/apis-project.openshift.io/v1.ProjectRequest.adoc @@ -0,0 +1,223 @@ += v1.ProjectRequest +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ProjecRequest is the set of options necessary to fully qualify a project request + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
description:
+
displayName:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-apis-project.openshift.io-v1-projectrequests]] +=== Create a ProjectRequest +Create a ProjectRequest + +==== HTTP request +---- +POST /apis/project.openshift.io/v1/projectrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProjectRequest", + "apiVersion": "project.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projectrequests <<'EOF' +{ + "kind": "ProjectRequest", + "apiVersion": "project.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ProjectRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ProjectRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-project.openshift.io-v1-projectrequests]] +=== Get all ProjectRequests +List objects of kind ProjectRequest + +==== HTTP request +---- +GET /apis/project.openshift.io/v1/projectrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/v1/projectrequests +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + + diff --git a/rest_api/apis-quota.openshift.io/v1.AppliedClusterResourceQuota.adoc b/rest_api/apis-quota.openshift.io/v1.AppliedClusterResourceQuota.adoc new file mode 100644 index 000000000000..f6f9569e0d53 --- /dev/null +++ b/rest_api/apis-quota.openshift.io/v1.AppliedClusterResourceQuota.adoc @@ -0,0 +1,296 @@ += v1.AppliedClusterResourceQuota +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +AppliedClusterResourceQuota mirrors ClusterResourceQuota at a project scope, for projection into a project. It allows a project-admin to know which ClusterResourceQuotas are applied to his project and their associated usage. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  quota:
+
    hard:
+
      [string]:
+
    scopes:
+
    - [string]:
+
  selector:
+
    annotations:
+
      [string]:
+
    labels:
+
      matchExpressions:
+
      - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
status:
+
  namespaces:
+
  - namespace:
+
    status:
+
      hard:
+
        [string]:
+
      used:
+
        [string]:
+
  total:
+
    hard:
+
      [string]:
+
    used:
+
      [string]:
+

+
+++++ + +== Operations + +[[Get-apis-quota.openshift.io-v1-namespaces-namespace-appliedclusterresourcequotas-name]] +=== Get a AppliedClusterResourceQuota in a namespace +Read the specified AppliedClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the AppliedClusterResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io-v1-appliedclusterresourcequotas]] +=== Get all AppliedClusterResourceQuotas +List objects of kind AppliedClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/appliedclusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/appliedclusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-quota.openshift.io-v1-namespaces-namespace-appliedclusterresourcequotas]] +=== Get all AppliedClusterResourceQuotas in a namespace +List objects of kind AppliedClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + + diff --git a/rest_api/apis-quota.openshift.io/v1.ClusterResourceQuota.adoc b/rest_api/apis-quota.openshift.io/v1.ClusterResourceQuota.adoc new file mode 100644 index 000000000000..bf8f7f6f09ef --- /dev/null +++ b/rest_api/apis-quota.openshift.io/v1.ClusterResourceQuota.adoc @@ -0,0 +1,907 @@ += v1.ClusterResourceQuota +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterResourceQuota mirrors ResourceQuota at a cluster scope. This object is easily convertible to synthetic ResourceQuota object to allow quota evaluation re-use. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  quota:
+
    hard:
+
      [string]:
+
    scopes:
+
    - [string]:
+
  selector:
+
    annotations:
+
      [string]:
+
    labels:
+
      matchExpressions:
+
      - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
status:
+
  namespaces:
+
  - namespace:
+
    status:
+
      hard:
+
        [string]:
+
      used:
+
        [string]:
+
  total:
+
    hard:
+
      [string]:
+
    used:
+
      [string]:
+

+
+++++ + +== Operations + +[[Post-apis-quota.openshift.io-v1-clusterresourcequotas]] +=== Create a ClusterResourceQuota +Create a ClusterResourceQuota + +==== HTTP request +---- +POST /apis/quota.openshift.io/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io-v1-clusterresourcequotas-name]] +=== Get a ClusterResourceQuota +Read the specified ClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io-v1-clusterresourcequotas]] +=== Get all ClusterResourceQuotas +List or watch objects of kind ClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-quota.openshift.io-v1-watch-clusterresourcequotas-name]] +=== Watch a ClusterResourceQuota +Watch changes to an object of kind ClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/watch/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/watch/clusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-quota.openshift.io-v1-watch-clusterresourcequotas]] +=== Watch all ClusterResourceQuotas +Watch individual changes to a list of ClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/watch/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/watch/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-quota.openshift.io-v1-clusterresourcequotas-name]] +=== Update a ClusterResourceQuota +Replace the specified ClusterResourceQuota + +==== HTTP request +---- +PUT /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-quota.openshift.io-v1-clusterresourcequotas-name]] +=== Patch a ClusterResourceQuota +Partially update the specified ClusterResourceQuota + +==== HTTP request +---- +PATCH /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-quota.openshift.io-v1-clusterresourcequotas-name]] +=== Delete a ClusterResourceQuota +Delete a ClusterResourceQuota + +==== HTTP request +---- +DELETE /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-quota.openshift.io-v1-clusterresourcequotas]] +=== Delete all ClusterResourceQuotas +Delete collection of ClusterResourceQuota + +==== HTTP request +---- +DELETE /apis/quota.openshift.io/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io-v1-clusterresourcequotas-name-status]] +=== Get status of a ClusterResourceQuota +Read status of the specified ClusterResourceQuota + +==== HTTP request +---- +GET /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-quota.openshift.io-v1-clusterresourcequotas-name-status]] +=== Update status of a ClusterResourceQuota +Replace status of the specified ClusterResourceQuota + +==== HTTP request +---- +PUT /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "quota.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-quota.openshift.io-v1-clusterresourcequotas-name-status]] +=== Patch status of a ClusterResourceQuota +Partially update status of the specified ClusterResourceQuota + +==== HTTP request +---- +PATCH /apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/quota.openshift.io/v1/clusterresourcequotas/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRole.adoc b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRole.adoc new file mode 100644 index 000000000000..648572131ace --- /dev/null +++ b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRole.adoc @@ -0,0 +1,681 @@ += v1beta1.ClusterRole +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-clusterroles]] +=== Create a ClusterRole +Create a ClusterRole + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-clusterroles-name]] +=== Get a ClusterRole +Read the specified ClusterRole + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-clusterroles]] +=== Get all ClusterRoles +List or watch objects of kind ClusterRole + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-clusterroles-name]] +=== Watch a ClusterRole +Watch changes to an object of kind ClusterRole + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-clusterroles]] +=== Watch all ClusterRoles +Watch individual changes to a list of ClusterRole + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-rbac.authorization.k8s.io-v1beta1-clusterroles-name]] +=== Update a ClusterRole +Replace the specified ClusterRole + +==== HTTP request +---- +PUT /apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ClusterRole +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-rbac.authorization.k8s.io-v1beta1-clusterroles-name]] +=== Patch a ClusterRole +Partially update the specified ClusterRole + +==== HTTP request +---- +PATCH /apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-clusterroles-name]] +=== Delete a ClusterRole +Delete a ClusterRole + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-clusterroles]] +=== Delete all ClusterRoles +Delete collection of ClusterRole + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterroles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRoleBinding.adoc b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRoleBinding.adoc new file mode 100644 index 000000000000..3ac621377e63 --- /dev/null +++ b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.ClusterRoleBinding.adoc @@ -0,0 +1,679 @@ += v1beta1.ClusterRoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiGroup:
+
  kind:
+
  name:
+
subjects:
+
- apiGroup:
+
  kind:
+
  name:
+
  namespace:
+

+
+++++ + +== Operations + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings]] +=== Create a ClusterRoleBinding +Create a ClusterRoleBinding + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings-name]] +=== Get a ClusterRoleBinding +Read the specified ClusterRoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings]] +=== Get all ClusterRoleBindings +List or watch objects of kind ClusterRoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-clusterrolebindings-name]] +=== Watch a ClusterRoleBinding +Watch changes to an object of kind ClusterRoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-clusterrolebindings]] +=== Watch all ClusterRoleBindings +Watch individual changes to a list of ClusterRoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings-name]] +=== Update a ClusterRoleBinding +Replace the specified ClusterRoleBinding + +==== HTTP request +---- +PUT /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.ClusterRoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings-name]] +=== Patch a ClusterRoleBinding +Partially update the specified ClusterRoleBinding + +==== HTTP request +---- +PATCH /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings-name]] +=== Delete a ClusterRoleBinding +Delete a ClusterRoleBinding + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-clusterrolebindings]] +=== Delete all ClusterRoleBindings +Delete collection of ClusterRoleBinding + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-rbac.authorization.k8s.io/v1beta1.Role.adoc b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.Role.adoc new file mode 100644 index 000000000000..8bc193ea9890 --- /dev/null +++ b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.Role.adoc @@ -0,0 +1,892 @@ += v1beta1.Role +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-roles]] +=== Create a Role +Create a Role + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Role +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles]] +=== Create a Role in a namespace +Create a Role + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles-name]] +=== Get a Role in a namespace +Read the specified Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-roles]] +=== Get all Roles +List or watch objects of kind Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/roles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles]] +=== Get all Roles in a namespace +List or watch objects of kind Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-namespaces-namespace-roles-name]] +=== Watch a Role in a namespace +Watch changes to an object of kind Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/roles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-roles]] +=== Watch all Roles +Watch individual changes to a list of Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/roles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-namespaces-namespace-roles]] +=== Watch all Roles in a namespace +Watch individual changes to a list of Role + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/roles +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles-name]] +=== Update a Role in a namespace +Replace the specified Role + +==== HTTP request +---- +PUT /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + "kind": "Role", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles-name]] +=== Patch a Role in a namespace +Partially update the specified Role + +==== HTTP request +---- +PATCH /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles-name]] +=== Delete a Role in a namespace +Delete a Role + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-roles]] +=== Delete all Roles in a namespace +Delete collection of Role + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/roles +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-rbac.authorization.k8s.io/v1beta1.RoleBinding.adoc b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.RoleBinding.adoc new file mode 100644 index 000000000000..4ef800fd8d7b --- /dev/null +++ b/rest_api/apis-rbac.authorization.k8s.io/v1beta1.RoleBinding.adoc @@ -0,0 +1,890 @@ += v1beta1.RoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiGroup:
+
  kind:
+
  name:
+
subjects:
+
- apiGroup:
+
  kind:
+
  name:
+
  namespace:
+

+
+++++ + +== Operations + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-rolebindings]] +=== Create a RoleBinding +Create a RoleBinding + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.RoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings]] +=== Create a RoleBinding in a namespace +Create a RoleBinding + +==== HTTP request +---- +POST /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings-name]] +=== Get a RoleBinding in a namespace +Read the specified RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-rolebindings]] +=== Get all RoleBindings +List or watch objects of kind RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/rolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings]] +=== Get all RoleBindings in a namespace +List or watch objects of kind RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-namespaces-namespace-rolebindings-name]] +=== Watch a RoleBinding in a namespace +Watch changes to an object of kind RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/rolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-rolebindings]] +=== Watch all RoleBindings +Watch individual changes to a list of RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/rolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-rbac.authorization.k8s.io-v1beta1-watch-namespaces-namespace-rolebindings]] +=== Watch all RoleBindings in a namespace +Watch individual changes to a list of RoleBinding + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/$NAMESPACE/rolebindings +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings-name]] +=== Update a RoleBinding in a namespace +Replace the specified RoleBinding + +==== HTTP request +---- +PUT /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "rbac.authorization.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings-name]] +=== Patch a RoleBinding in a namespace +Partially update the specified RoleBinding + +==== HTTP request +---- +PATCH /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings-name]] +=== Delete a RoleBinding in a namespace +Delete a RoleBinding + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-rbac.authorization.k8s.io-v1beta1-namespaces-namespace-rolebindings]] +=== Delete all RoleBindings in a namespace +Delete collection of RoleBinding + +==== HTTP request +---- +DELETE /apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/v1beta1/namespaces/$NAMESPACE/rolebindings +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-route.openshift.io/v1.Route.adoc b/rest_api/apis-route.openshift.io/v1.Route.adoc new file mode 100644 index 000000000000..8e07e6221810 --- /dev/null +++ b/rest_api/apis-route.openshift.io/v1.Route.adoc @@ -0,0 +1,1132 @@ += v1.Route +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +A route allows developers to expose services through an HTTP(S) aware load balancing and proxy layer via a public DNS entry. The route may further specify TLS options and a certificate, or specify a public CNAME that the router should also accept for HTTP and HTTPS traffic. An administrator typically configures their router to be visible outside the cluster firewall, and may also add additional security, caching, or traffic controls on the service content. Routers usually talk directly to the service endpoints. + +Once a route is created, the `host` field may not be changed. Generally, routers use the oldest route with a given host when resolving conflicts. + +Routers are subject to additional customization and may support additional controls via the annotations field. + +Because administrators may configure multiple routers, the route status field is used to return information to clients about the names and states of the route under each router. If a client chooses a duplicate name, for instance, the route status conditions are used to indicate the route cannot be chosen. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  alternateBackends:
+
  - kind:
+
    name:
+
    weight:
+
  host:
+
  path:
+
  port:
+
    targetPort:
+
  tls:
+
    caCertificate:
+
    certificate:
+
    destinationCACertificate:
+
    insecureEdgeTerminationPolicy:
+
    key:
+
    termination:
+
  to:
+
    kind:
+
    name:
+
    weight:
+
  wildcardPolicy:
+
status:
+
  ingress:
+
  - conditions:
+
  - - lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    host:
+
    routerCanonicalHostname:
+
    routerName:
+
    wildcardPolicy:
+

+
+++++ + +== Operations + +[[Post-apis-route.openshift.io-v1-routes]] +=== Create a Route +Create a Route + +==== HTTP request +---- +POST /apis/route.openshift.io/v1/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/routes <<'EOF' +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-route.openshift.io-v1-namespaces-namespace-routes]] +=== Create a Route in a namespace +Create a Route + +==== HTTP request +---- +POST /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes <<'EOF' +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-route.openshift.io-v1-namespaces-namespace-routes-name]] +=== Get a Route in a namespace +Read the specified Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-route.openshift.io-v1-routes]] +=== Get all Routes +List or watch objects of kind Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/routes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RouteList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-route.openshift.io-v1-namespaces-namespace-routes]] +=== Get all Routes in a namespace +List or watch objects of kind Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RouteList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-route.openshift.io-v1-watch-namespaces-namespace-routes-name]] +=== Watch a Route in a namespace +Watch changes to an object of kind Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/watch/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/watch/namespaces/$NAMESPACE/routes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-route.openshift.io-v1-watch-routes]] +=== Watch all Routes +Watch individual changes to a list of Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/watch/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/watch/routes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-route.openshift.io-v1-watch-namespaces-namespace-routes]] +=== Watch all Routes in a namespace +Watch individual changes to a list of Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/watch/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/watch/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-route.openshift.io-v1-namespaces-namespace-routes-name]] +=== Update a Route in a namespace +Replace the specified Route + +==== HTTP request +---- +PUT /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-route.openshift.io-v1-namespaces-namespace-routes-name]] +=== Patch a Route in a namespace +Partially update the specified Route + +==== HTTP request +---- +PATCH /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-route.openshift.io-v1-namespaces-namespace-routes-name]] +=== Delete a Route in a namespace +Delete a Route + +==== HTTP request +---- +DELETE /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-route.openshift.io-v1-namespaces-namespace-routes]] +=== Delete all Routes in a namespace +Delete collection of Route + +==== HTTP request +---- +DELETE /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-route.openshift.io-v1-namespaces-namespace-routes-name-status]] +=== Get status of a Route in a namespace +Read status of the specified Route + +==== HTTP request +---- +GET /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-route.openshift.io-v1-namespaces-namespace-routes-name-status]] +=== Update status of a Route in a namespace +Replace status of the specified Route + +==== HTTP request +---- +PUT /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status <<'EOF' +{ + "kind": "Route", + "apiVersion": "route.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-route.openshift.io-v1-namespaces-namespace-routes-name-status]] +=== Patch status of a Route in a namespace +Partially update status of the specified Route + +==== HTTP request +---- +PATCH /apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/route.openshift.io/v1/namespaces/$NAMESPACE/routes/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-security.openshift.io/v1.PodSecurityPolicyReview.adoc b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicyReview.adoc new file mode 100644 index 000000000000..aff2d8fd0a9f --- /dev/null +++ b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicyReview.adoc @@ -0,0 +1,1511 @@ += v1.PodSecurityPolicyReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodTemplateSpec` in question. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  serviceAccountNames:
+
  - [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  allowedServiceAccounts:
+
  - allowedBy:
+
  -   apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    name:
+
    reason:
+
    template:
+
      metadata:
+
        annotations:
+
          [string]:
+
        clusterName:
+
        creationTimestamp:
+
        deletionGracePeriodSeconds:
+
        deletionTimestamp:
+
        finalizers:
+
        - [string]:
+
        generateName:
+
        generation:
+
        initializers:
+
          pending:
+
          - name:
+
          result:
+
            apiVersion:
+
            code:
+
            details:
+
              causes:
+
              - field:
+
                message:
+
                reason:
+
              group:
+
              kind:
+
              name:
+
              retryAfterSeconds:
+
              uid:
+
            kind:
+
            message:
+
            metadata:
+
              resourceVersion:
+
              selfLink:
+
            reason:
+
            status:
+
        labels:
+
          [string]:
+
        name:
+
        namespace:
+
        ownerReferences:
+
        - apiVersion:
+
          blockOwnerDeletion:
+
          controller:
+
          kind:
+
          name:
+
          uid:
+
        resourceVersion:
+
        selfLink:
+
        uid:
+
      spec:
+
        activeDeadlineSeconds:
+
        affinity:
+
          nodeAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - preference:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
              nodeSelectorTerms:
+
              - matchExpressions:
+
              - - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
          podAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - podAffinityTerm:
+
            -   labelSelector:
+
            -     matchExpressions:
+
            -     - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
            - labelSelector:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
          podAntiAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - podAffinityTerm:
+
            -   labelSelector:
+
            -     matchExpressions:
+
            -     - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
            - labelSelector:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
        automountServiceAccountToken:
+
        containers:
+
        - args:
+
        - - [string]:
+
          command:
+
          - [string]:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          envFrom:
+
          - configMapRef:
+
          -   name:
+
              optional:
+
            prefix:
+
            secretRef:
+
              name:
+
              optional:
+
          image:
+
          imagePullPolicy:
+
          lifecycle:
+
            postStart:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
            preStop:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
          livenessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          name:
+
          ports:
+
          - containerPort:
+
            hostIP:
+
            hostPort:
+
            name:
+
            protocol:
+
          readinessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          resources:
+
            limits:
+
              [string]:
+
            requests:
+
              [string]:
+
          securityContext:
+
            capabilities:
+
              add:
+
              - [string]:
+
              drop:
+
              - [string]:
+
            privileged:
+
            readOnlyRootFilesystem:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
          stdin:
+
          stdinOnce:
+
          terminationMessagePath:
+
          terminationMessagePolicy:
+
          tty:
+
          volumeMounts:
+
          - mountPath:
+
            name:
+
            readOnly:
+
            subPath:
+
          workingDir:
+
        dnsPolicy:
+
        hostAliases:
+
        - hostnames:
+
        - - [string]:
+
          ip:
+
        hostIPC:
+
        hostNetwork:
+
        hostPID:
+
        hostname:
+
        imagePullSecrets:
+
        - name:
+
        initContainers:
+
        - args:
+
        - - [string]:
+
          command:
+
          - [string]:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          envFrom:
+
          - configMapRef:
+
          -   name:
+
              optional:
+
            prefix:
+
            secretRef:
+
              name:
+
              optional:
+
          image:
+
          imagePullPolicy:
+
          lifecycle:
+
            postStart:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
            preStop:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
          livenessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          name:
+
          ports:
+
          - containerPort:
+
            hostIP:
+
            hostPort:
+
            name:
+
            protocol:
+
          readinessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          resources:
+
            limits:
+
              [string]:
+
            requests:
+
              [string]:
+
          securityContext:
+
            capabilities:
+
              add:
+
              - [string]:
+
              drop:
+
              - [string]:
+
            privileged:
+
            readOnlyRootFilesystem:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
          stdin:
+
          stdinOnce:
+
          terminationMessagePath:
+
          terminationMessagePolicy:
+
          tty:
+
          volumeMounts:
+
          - mountPath:
+
            name:
+
            readOnly:
+
            subPath:
+
          workingDir:
+
        nodeName:
+
        nodeSelector:
+
          [string]:
+
        restartPolicy:
+
        schedulerName:
+
        securityContext:
+
          fsGroup:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
          supplementalGroups:
+
          - [integer]:
+
        serviceAccount:
+
        serviceAccountName:
+
        subdomain:
+
        terminationGracePeriodSeconds:
+
        tolerations:
+
        - effect:
+
          key:
+
          operator:
+
          tolerationSeconds:
+
          value:
+
        volumes:
+
        - awsElasticBlockStore:
+
        -   fsType:
+
            partition:
+
            readOnly:
+
            volumeID:
+
          azureDisk:
+
            cachingMode:
+
            diskName:
+
            diskURI:
+
            fsType:
+
            kind:
+
            readOnly:
+
          azureFile:
+
            readOnly:
+
            secretName:
+
            shareName:
+
          cephfs:
+
            monitors:
+
            - [string]:
+
            path:
+
            readOnly:
+
            secretFile:
+
            secretRef:
+
              name:
+
            user:
+
          cinder:
+
            fsType:
+
            readOnly:
+
            volumeID:
+
          configMap:
+
            defaultMode:
+
            items:
+
            - key:
+
              mode:
+
              path:
+
            name:
+
            optional:
+
          downwardAPI:
+
            defaultMode:
+
            items:
+
            - fieldRef:
+
            -   apiVersion:
+
                fieldPath:
+
              mode:
+
              path:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
          emptyDir:
+
            medium:
+
            sizeLimit:
+
          fc:
+
            fsType:
+
            lun:
+
            readOnly:
+
            targetWWNs:
+
            - [string]:
+
          flexVolume:
+
            driver:
+
            fsType:
+
            options:
+
              [string]:
+
            readOnly:
+
            secretRef:
+
              name:
+
          flocker:
+
            datasetName:
+
            datasetUUID:
+
          gcePersistentDisk:
+
            fsType:
+
            partition:
+
            pdName:
+
            readOnly:
+
          gitRepo:
+
            directory:
+
            repository:
+
            revision:
+
          glusterfs:
+
            endpoints:
+
            path:
+
            readOnly:
+
          hostPath:
+
            path:
+
          iscsi:
+
            chapAuthDiscovery:
+
            chapAuthSession:
+
            fsType:
+
            iqn:
+
            iscsiInterface:
+
            lun:
+
            portals:
+
            - [string]:
+
            readOnly:
+
            secretRef:
+
              name:
+
            targetPortal:
+
          name:
+
          nfs:
+
            path:
+
            readOnly:
+
            server:
+
          persistentVolumeClaim:
+
            claimName:
+
            readOnly:
+
          photonPersistentDisk:
+
            fsType:
+
            pdID:
+
          portworxVolume:
+
            fsType:
+
            readOnly:
+
            volumeID:
+
          projected:
+
            defaultMode:
+
            sources:
+
            - configMap:
+
            -   items:
+
            -   - key:
+
                  mode:
+
                  path:
+
                name:
+
                optional:
+
              downwardAPI:
+
                items:
+
                - fieldRef:
+
                -   apiVersion:
+
                    fieldPath:
+
                  mode:
+
                  path:
+
                  resourceFieldRef:
+
                    containerName:
+
                    divisor:
+
                    resource:
+
              secret:
+
                items:
+
                - key:
+
                  mode:
+
                  path:
+
                name:
+
                optional:
+
          quobyte:
+
            group:
+
            readOnly:
+
            registry:
+
            user:
+
            volume:
+
          rbd:
+
            fsType:
+
            image:
+
            keyring:
+
            monitors:
+
            - [string]:
+
            pool:
+
            readOnly:
+
            secretRef:
+
              name:
+
            user:
+
          scaleIO:
+
            fsType:
+
            gateway:
+
            protectionDomain:
+
            readOnly:
+
            secretRef:
+
              name:
+
            sslEnabled:
+
            storageMode:
+
            storagePool:
+
            system:
+
            volumeName:
+
          secret:
+
            defaultMode:
+
            items:
+
            - key:
+
              mode:
+
              path:
+
            optional:
+
            secretName:
+
          storageos:
+
            fsType:
+
            readOnly:
+
            secretRef:
+
              name:
+
            volumeName:
+
            volumeNamespace:
+
          vsphereVolume:
+
            fsType:
+
            storagePolicyID:
+
            storagePolicyName:
+
            volumePath:
+

+
+++++ + +== Operations + +[[Post-apis-security.openshift.io-v1-podsecuritypolicyreviews]] +=== Create a PodSecurityPolicyReview +Create a PodSecurityPolicyReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/podsecuritypolicyreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/podsecuritypolicyreviews <<'EOF' +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicyReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicyReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-security.openshift.io-v1-namespaces-namespace-podsecuritypolicyreviews]] +=== Create a PodSecurityPolicyReview in a namespace +Create a PodSecurityPolicyReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicyreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicyreviews <<'EOF' +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicyReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicyReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySelfSubjectReview.adoc b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySelfSubjectReview.adoc new file mode 100644 index 000000000000..6bad7cca905f --- /dev/null +++ b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySelfSubjectReview.adoc @@ -0,0 +1,1507 @@ += v1.PodSecurityPolicySelfSubjectReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodTemplateSpec + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  allowedBy:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  reason:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+

+
+++++ + +== Operations + +[[Post-apis-security.openshift.io-v1-podsecuritypolicyselfsubjectreviews]] +=== Create a PodSecurityPolicySelfSubjectReview +Create a PodSecurityPolicySelfSubjectReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/podsecuritypolicyselfsubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/podsecuritypolicyselfsubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySelfSubjectReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySelfSubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-security.openshift.io-v1-namespaces-namespace-podsecuritypolicyselfsubjectreviews]] +=== Create a PodSecurityPolicySelfSubjectReview in a namespace +Create a PodSecurityPolicySelfSubjectReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicyselfsubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicyselfsubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySelfSubjectReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySelfSubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySubjectReview.adoc b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySubjectReview.adoc new file mode 100644 index 000000000000..2275660cd77f --- /dev/null +++ b/rest_api/apis-security.openshift.io/v1.PodSecurityPolicySubjectReview.adoc @@ -0,0 +1,1510 @@ += v1.PodSecurityPolicySubjectReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodTemplateSpec. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  groups:
+
  - [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  user:
+
status:
+
  allowedBy:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  reason:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+

+
+++++ + +== Operations + +[[Post-apis-security.openshift.io-v1-podsecuritypolicysubjectreviews]] +=== Create a PodSecurityPolicySubjectReview +Create a PodSecurityPolicySubjectReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/podsecuritypolicysubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/podsecuritypolicysubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySubjectReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-security.openshift.io-v1-namespaces-namespace-podsecuritypolicysubjectreviews]] +=== Create a PodSecurityPolicySubjectReview in a namespace +Create a PodSecurityPolicySubjectReview + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicysubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/namespaces/$NAMESPACE/podsecuritypolicysubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySubjectReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-security.openshift.io/v1.SecurityContextConstraints.adoc b/rest_api/apis-security.openshift.io/v1.SecurityContextConstraints.adoc new file mode 100644 index 000000000000..c9ffc311f243 --- /dev/null +++ b/rest_api/apis-security.openshift.io/v1.SecurityContextConstraints.adoc @@ -0,0 +1,716 @@ += v1.SecurityContextConstraints +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SecurityContextConstraints governs the ability to make requests that affect the SecurityContext that will be applied to a container. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
allowHostDirVolumePlugin:
+
allowHostIPC:
+
allowHostNetwork:
+
allowHostPID:
+
allowHostPorts:
+
allowPrivilegedContainer:
+
allowedCapabilities:
+
- [string]:
+
apiVersion:
+
defaultAddCapabilities:
+
- [string]:
+
fsGroup:
+
  ranges:
+
  - max:
+
    min:
+
  type:
+
groups:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
priority:
+
readOnlyRootFilesystem:
+
requiredDropCapabilities:
+
- [string]:
+
runAsUser:
+
  type:
+
  uid:
+
  uidRangeMax:
+
  uidRangeMin:
+
seLinuxContext:
+
  seLinuxOptions:
+
    level:
+
    role:
+
    type:
+
    user:
+
  type:
+
seccompProfiles:
+
- [string]:
+
supplementalGroups:
+
  ranges:
+
  - max:
+
    min:
+
  type:
+
users:
+
- [string]:
+
volumes:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-apis-security.openshift.io-v1-securitycontextconstraints]] +=== Create a SecurityContextConstraints +Create SecurityContextConstraints + +==== HTTP request +---- +POST /apis/security.openshift.io/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SecurityContextConstraints", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints <<'EOF' +{ + "kind": "SecurityContextConstraints", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-security.openshift.io-v1-securitycontextconstraints-name]] +=== Get a SecurityContextConstraints +Read the specified SecurityContextConstraints + +==== HTTP request +---- +GET /apis/security.openshift.io/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-security.openshift.io-v1-securitycontextconstraints]] +=== Get all SecurityContextConstraints +List or watch objects of kind SecurityContextConstraints + +==== HTTP request +---- +GET /apis/security.openshift.io/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraintsList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-security.openshift.io-v1-watch-securitycontextconstraints-name]] +=== Watch a SecurityContextConstraints +Watch changes to an object of kind SecurityContextConstraints + +==== HTTP request +---- +GET /apis/security.openshift.io/v1/watch/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/watch/securitycontextconstraints/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-security.openshift.io-v1-watch-securitycontextconstraints]] +=== Watch all SecurityContextConstraints +Watch individual changes to a list of SecurityContextConstraints + +==== HTTP request +---- +GET /apis/security.openshift.io/v1/watch/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/watch/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-security.openshift.io-v1-securitycontextconstraints-name]] +=== Update a SecurityContextConstraints +Replace the specified SecurityContextConstraints + +==== HTTP request +---- +PUT /apis/security.openshift.io/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SecurityContextConstraints", + "apiVersion": "security.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints/$NAME <<'EOF' +{ + "kind": "SecurityContextConstraints", + "apiVersion": "security.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SecurityContextConstraints +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-security.openshift.io-v1-securitycontextconstraints-name]] +=== Patch a SecurityContextConstraints +Partially update the specified SecurityContextConstraints + +==== HTTP request +---- +PATCH /apis/security.openshift.io/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecurityContextConstraints +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-security.openshift.io-v1-securitycontextconstraints-name]] +=== Delete a SecurityContextConstraints +Delete SecurityContextConstraints + +==== HTTP request +---- +DELETE /apis/security.openshift.io/v1/securitycontextconstraints/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecurityContextConstraints +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-security.openshift.io-v1-securitycontextconstraints]] +=== Delete all SecurityContextConstraints +Delete collection of SecurityContextConstraints + +==== HTTP request +---- +DELETE /apis/security.openshift.io/v1/securitycontextconstraints HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/v1/securitycontextconstraints +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-storage.k8s.io/v1.StorageClass.adoc b/rest_api/apis-storage.k8s.io/v1.StorageClass.adoc new file mode 100644 index 000000000000..68116706042b --- /dev/null +++ b/rest_api/apis-storage.k8s.io/v1.StorageClass.adoc @@ -0,0 +1,677 @@ += v1.StorageClass +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned. + +StorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
parameters:
+
  [string]:
+
provisioner:
+

+
+++++ + +== Operations + +[[Post-apis-storage.k8s.io-v1-storageclasses]] +=== Create a StorageClass +Create a StorageClass + +==== HTTP request +---- +POST /apis/storage.k8s.io/v1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses <<'EOF' +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1-storageclasses-name]] +=== Get a StorageClass +Read the specified StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1-storageclasses]] +=== Get all StorageClasses +List or watch objects of kind StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.StorageClassList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-storage.k8s.io-v1-watch-storageclasses-name]] +=== Watch a StorageClass +Watch changes to an object of kind StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1/watch/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/watch/storageclasses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-storage.k8s.io-v1-watch-storageclasses]] +=== Watch all StorageClasses +Watch individual changes to a list of StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1/watch/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/watch/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-storage.k8s.io-v1-storageclasses-name]] +=== Update a StorageClass +Replace the specified StorageClass + +==== HTTP request +---- +PUT /apis/storage.k8s.io/v1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses/$NAME <<'EOF' +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.StorageClass +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-storage.k8s.io-v1-storageclasses-name]] +=== Patch a StorageClass +Partially update the specified StorageClass + +==== HTTP request +---- +PATCH /apis/storage.k8s.io/v1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-storage.k8s.io-v1-storageclasses-name]] +=== Delete a StorageClass +Delete a StorageClass + +==== HTTP request +---- +DELETE /apis/storage.k8s.io/v1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-storage.k8s.io-v1-storageclasses]] +=== Delete all StorageClasses +Delete collection of StorageClass + +==== HTTP request +---- +DELETE /apis/storage.k8s.io/v1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-storage.k8s.io/v1beta1.StorageClass.adoc b/rest_api/apis-storage.k8s.io/v1beta1.StorageClass.adoc new file mode 100644 index 000000000000..cd29cdaea734 --- /dev/null +++ b/rest_api/apis-storage.k8s.io/v1beta1.StorageClass.adoc @@ -0,0 +1,677 @@ += v1beta1.StorageClass +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned. + +StorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
parameters:
+
  [string]:
+
provisioner:
+

+
+++++ + +== Operations + +[[Post-apis-storage.k8s.io-v1beta1-storageclasses]] +=== Create a StorageClass +Create a StorageClass + +==== HTTP request +---- +POST /apis/storage.k8s.io/v1beta1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses <<'EOF' +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1beta1-storageclasses-name]] +=== Get a StorageClass +Read the specified StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1beta1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io-v1beta1-storageclasses]] +=== Get all StorageClasses +List or watch objects of kind StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1beta1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StorageClassList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-storage.k8s.io-v1beta1-watch-storageclasses-name]] +=== Watch a StorageClass +Watch changes to an object of kind StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1beta1/watch/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/watch/storageclasses/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-storage.k8s.io-v1beta1-watch-storageclasses]] +=== Watch all StorageClasses +Watch individual changes to a list of StorageClass + +==== HTTP request +---- +GET /apis/storage.k8s.io/v1beta1/watch/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/watch/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-storage.k8s.io-v1beta1-storageclasses-name]] +=== Update a StorageClass +Replace the specified StorageClass + +==== HTTP request +---- +PUT /apis/storage.k8s.io/v1beta1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1beta1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses/$NAME <<'EOF' +{ + "kind": "StorageClass", + "apiVersion": "storage.k8s.io/v1beta1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.StorageClass +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-storage.k8s.io-v1beta1-storageclasses-name]] +=== Patch a StorageClass +Partially update the specified StorageClass + +==== HTTP request +---- +PATCH /apis/storage.k8s.io/v1beta1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.StorageClass +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-storage.k8s.io-v1beta1-storageclasses-name]] +=== Delete a StorageClass +Delete a StorageClass + +==== HTTP request +---- +DELETE /apis/storage.k8s.io/v1beta1/storageclasses/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the StorageClass +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-storage.k8s.io-v1beta1-storageclasses]] +=== Delete all StorageClasses +Delete collection of StorageClass + +==== HTTP request +---- +DELETE /apis/storage.k8s.io/v1beta1/storageclasses HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/v1beta1/storageclasses +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-template.openshift.io/v1.BrokerTemplateInstance.adoc b/rest_api/apis-template.openshift.io/v1.BrokerTemplateInstance.adoc new file mode 100644 index 000000000000..eb3da1ae3b77 --- /dev/null +++ b/rest_api/apis-template.openshift.io/v1.BrokerTemplateInstance.adoc @@ -0,0 +1,691 @@ += v1.BrokerTemplateInstance +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +BrokerTemplateInstance holds the service broker-related state associated with a TemplateInstance. BrokerTemplateInstance is part of an experimental API. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  bindingIDs:
+
  - [string]:
+
  secret:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  templateInstance:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+

+
+++++ + +== Operations + +[[Post-apis-template.openshift.io-v1-brokertemplateinstances]] +=== Create a BrokerTemplateInstance +Create a BrokerTemplateInstance + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/brokertemplateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BrokerTemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances <<'EOF' +{ + "kind": "BrokerTemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BrokerTemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-brokertemplateinstances-name]] +=== Get a BrokerTemplateInstance +Read the specified BrokerTemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/brokertemplateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BrokerTemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-brokertemplateinstances]] +=== Get all BrokerTemplateInstances +List or watch objects of kind BrokerTemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/brokertemplateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BrokerTemplateInstanceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-brokertemplateinstances-name]] +=== Watch a BrokerTemplateInstance +Watch changes to an object of kind BrokerTemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/brokertemplateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/brokertemplateinstances/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-brokertemplateinstances]] +=== Watch all BrokerTemplateInstances +Watch individual changes to a list of BrokerTemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/brokertemplateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/brokertemplateinstances +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-template.openshift.io-v1-brokertemplateinstances-name]] +=== Update a BrokerTemplateInstance +Replace the specified BrokerTemplateInstance + +==== HTTP request +---- +PUT /apis/template.openshift.io/v1/brokertemplateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BrokerTemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances/$NAME <<'EOF' +{ + "kind": "BrokerTemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BrokerTemplateInstance +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BrokerTemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-template.openshift.io-v1-brokertemplateinstances-name]] +=== Patch a BrokerTemplateInstance +Partially update the specified BrokerTemplateInstance + +==== HTTP request +---- +PATCH /apis/template.openshift.io/v1/brokertemplateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BrokerTemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-brokertemplateinstances-name]] +=== Delete a BrokerTemplateInstance +Delete a BrokerTemplateInstance + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/brokertemplateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BrokerTemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-brokertemplateinstances]] +=== Delete all BrokerTemplateInstances +Delete collection of BrokerTemplateInstance + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/brokertemplateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/brokertemplateinstances +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-template.openshift.io/v1.Template.adoc b/rest_api/apis-template.openshift.io/v1.Template.adoc new file mode 100644 index 000000000000..05a07d76144b --- /dev/null +++ b/rest_api/apis-template.openshift.io/v1.Template.adoc @@ -0,0 +1,1049 @@ += v1.Template +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Template contains the inputs needed to produce a Config. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
labels:
+
  [string]:
+
message:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
objects:
+
- Raw:
+
parameters:
+
- description:
+
  displayName:
+
  from:
+
  generate:
+
  name:
+
  required:
+
  value:
+

+
+++++ + +== Operations + +[[Post-apis-template.openshift.io-v1-processedtemplates]] +=== Create a Template +Create a Template + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/processedtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/processedtemplates <<'EOF' +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-template.openshift.io-v1-templates]] +=== Create a Template +Create a Template + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/templates <<'EOF' +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-template.openshift.io-v1-namespaces-namespace-processedtemplates]] +=== Create a Template in a namespace +Create a Template + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/namespaces/$NAMESPACE/processedtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/processedtemplates <<'EOF' +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-template.openshift.io-v1-namespaces-namespace-templates]] +=== Create a Template in a namespace +Create a Template + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates <<'EOF' +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-namespaces-namespace-templates-name]] +=== Get a Template in a namespace +Read the specified Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-templates]] +=== Get all Templates +List or watch objects of kind Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/templates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-namespaces-namespace-templates]] +=== Get all Templates in a namespace +List or watch objects of kind Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-namespaces-namespace-templates-name]] +=== Watch a Template in a namespace +Watch changes to an object of kind Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-templates]] +=== Watch all Templates +Watch individual changes to a list of Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/templates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-namespaces-namespace-templates]] +=== Watch all Templates in a namespace +Watch individual changes to a list of Template + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-template.openshift.io-v1-namespaces-namespace-templates-name]] +=== Update a Template in a namespace +Replace the specified Template + +==== HTTP request +---- +PUT /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + "kind": "Template", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-template.openshift.io-v1-namespaces-namespace-templates-name]] +=== Patch a Template in a namespace +Partially update the specified Template + +==== HTTP request +---- +PATCH /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-namespaces-namespace-templates-name]] +=== Delete a Template in a namespace +Delete a Template + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-namespaces-namespace-templates]] +=== Delete all Templates in a namespace +Delete collection of Template + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-template.openshift.io/v1.TemplateInstance.adoc b/rest_api/apis-template.openshift.io/v1.TemplateInstance.adoc new file mode 100644 index 000000000000..df437b9b0388 --- /dev/null +++ b/rest_api/apis-template.openshift.io/v1.TemplateInstance.adoc @@ -0,0 +1,1207 @@ += v1.TemplateInstance +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +TemplateInstance requests and records the instantiation of a Template. TemplateInstance is part of an experimental API. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  requester:
+
    extra:
+
      [string]:
+
    groups:
+
    - [string]:
+
    uid:
+
    username:
+
  secret:
+
    name:
+
  template:
+
    apiVersion:
+
    kind:
+
    labels:
+
      [string]:
+
    message:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    objects:
+
    - Raw:
+
    parameters:
+
    - description:
+
      displayName:
+
      from:
+
      generate:
+
      name:
+
      required:
+
      value:
+
status:
+
  conditions:
+
  - lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  objects:
+
  - ref:
+
  -   apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+

+
+++++ + +== Operations + +[[Post-apis-template.openshift.io-v1-templateinstances]] +=== Create a TemplateInstance +Create a TemplateInstance + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/templateinstances <<'EOF' +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.TemplateInstance +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-apis-template.openshift.io-v1-namespaces-namespace-templateinstances]] +=== Create a TemplateInstance in a namespace +Create a TemplateInstance + +==== HTTP request +---- +POST /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances <<'EOF' +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.TemplateInstance +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name]] +=== Get a TemplateInstance in a namespace +Read the specified TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-templateinstances]] +=== Get all TemplateInstances +List or watch objects of kind TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/templateinstances +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstanceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-namespaces-namespace-templateinstances]] +=== Get all TemplateInstances in a namespace +List or watch objects of kind TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstanceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-namespaces-namespace-templateinstances-name]] +=== Watch a TemplateInstance in a namespace +Watch changes to an object of kind TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templateinstances/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-templateinstances]] +=== Watch all TemplateInstances +Watch individual changes to a list of TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/templateinstances +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-template.openshift.io-v1-watch-namespaces-namespace-templateinstances]] +=== Watch all TemplateInstances in a namespace +Watch individual changes to a list of TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/watch/namespaces/$NAMESPACE/templateinstances +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name]] +=== Update a TemplateInstance in a namespace +Replace the specified TemplateInstance + +==== HTTP request +---- +PUT /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME <<'EOF' +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.TemplateInstance +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name]] +=== Patch a TemplateInstance in a namespace +Partially update the specified TemplateInstance + +==== HTTP request +---- +PATCH /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name]] +=== Delete a TemplateInstance in a namespace +Delete a TemplateInstance + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-template.openshift.io-v1-namespaces-namespace-templateinstances]] +=== Delete all TemplateInstances in a namespace +Delete collection of TemplateInstance + +==== HTTP request +---- +DELETE /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name-status]] +=== Get status of a TemplateInstance in a namespace +Read status of the specified TemplateInstance + +==== HTTP request +---- +GET /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name-status]] +=== Update status of a TemplateInstance in a namespace +Replace status of the specified TemplateInstance + +==== HTTP request +---- +PUT /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status <<'EOF' +{ + "kind": "TemplateInstance", + "apiVersion": "template.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.TemplateInstance +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-template.openshift.io-v1-namespaces-namespace-templateinstances-name-status]] +=== Patch status of a TemplateInstance in a namespace +Partially update status of the specified TemplateInstance + +==== HTTP request +---- +PATCH /apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the TemplateInstance +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateInstance +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-user.openshift.io/v1.Group.adoc b/rest_api/apis-user.openshift.io/v1.Group.adoc new file mode 100644 index 000000000000..008d45c2937b --- /dev/null +++ b/rest_api/apis-user.openshift.io/v1.Group.adoc @@ -0,0 +1,674 @@ += v1.Group +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Group represents a referenceable set of Users + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
users:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-apis-user.openshift.io-v1-groups]] +=== Create a Group +Create a Group + +==== HTTP request +---- +POST /apis/user.openshift.io/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Group", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups <<'EOF' +{ + "kind": "Group", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-groups-name]] +=== Get a Group +Read the specified Group + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-groups]] +=== Get all Groups +List or watch objects of kind Group + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.GroupList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-groups-name]] +=== Watch a Group +Watch changes to an object of kind Group + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/groups/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-groups]] +=== Watch all Groups +Watch individual changes to a list of Group + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-user.openshift.io-v1-groups-name]] +=== Update a Group +Replace the specified Group + +==== HTTP request +---- +PUT /apis/user.openshift.io/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Group", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups/$NAME <<'EOF' +{ + "kind": "Group", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Group +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-user.openshift.io-v1-groups-name]] +=== Patch a Group +Partially update the specified Group + +==== HTTP request +---- +PATCH /apis/user.openshift.io/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-groups-name]] +=== Delete a Group +Delete a Group + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-groups]] +=== Delete all Groups +Delete collection of Group + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-user.openshift.io/v1.Identity.adoc b/rest_api/apis-user.openshift.io/v1.Identity.adoc new file mode 100644 index 000000000000..3ed9cac921b3 --- /dev/null +++ b/rest_api/apis-user.openshift.io/v1.Identity.adoc @@ -0,0 +1,684 @@ += v1.Identity +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Identity records a successful authentication of a user with an identity provider. The information about the source of authentication is stored on the identity, and the identity is then associated with a single user object. Multiple identities can reference a single user. Information retrieved from the authentication provider is stored in the extra field using a schema determined by the provider. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
extra:
+
  [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
providerName:
+
providerUserName:
+
user:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-apis-user.openshift.io-v1-identities]] +=== Create a Identity +Create an Identity + +==== HTTP request +---- +POST /apis/user.openshift.io/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Identity", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities <<'EOF' +{ + "kind": "Identity", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-identities-name]] +=== Get a Identity +Read the specified Identity + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-identities]] +=== Get all Identities +List or watch objects of kind Identity + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.IdentityList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-identities-name]] +=== Watch a Identity +Watch changes to an object of kind Identity + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/identities/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-identities]] +=== Watch all Identities +Watch individual changes to a list of Identity + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-user.openshift.io-v1-identities-name]] +=== Update a Identity +Replace the specified Identity + +==== HTTP request +---- +PUT /apis/user.openshift.io/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Identity", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities/$NAME <<'EOF' +{ + "kind": "Identity", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Identity +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-user.openshift.io-v1-identities-name]] +=== Patch a Identity +Partially update the specified Identity + +==== HTTP request +---- +PATCH /apis/user.openshift.io/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-identities-name]] +=== Delete a Identity +Delete an Identity + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-identities]] +=== Delete all Identities +Delete collection of Identity + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-user.openshift.io/v1.User.adoc b/rest_api/apis-user.openshift.io/v1.User.adoc new file mode 100644 index 000000000000..3c6a0fc38ac0 --- /dev/null +++ b/rest_api/apis-user.openshift.io/v1.User.adoc @@ -0,0 +1,677 @@ += v1.User +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Upon log in, every user of the system receives a User and Identity resource. Administrators may directly manipulate the attributes of the users for their own tracking, or set groups via the API. The user name is unique and is chosen based on the value provided by the identity provider - if a user already exists with the incoming name, the user name may have a number appended to it depending on the configuration of the system. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
fullName:
+
groups:
+
- [string]:
+
identities:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-apis-user.openshift.io-v1-users]] +=== Create a User +Create an User + +==== HTTP request +---- +POST /apis/user.openshift.io/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "User", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users <<'EOF' +{ + "kind": "User", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-users-name]] +=== Get a User +Read the specified User + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-users]] +=== Get all Users +List or watch objects of kind User + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-users-name]] +=== Watch a User +Watch changes to an object of kind User + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/users/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-apis-user.openshift.io-v1-watch-users]] +=== Watch all Users +Watch individual changes to a list of User + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/watch/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/watch/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-apis-user.openshift.io-v1-users-name]] +=== Update a User +Replace the specified User + +==== HTTP request +---- +PUT /apis/user.openshift.io/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "User", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users/$NAME <<'EOF' +{ + "kind": "User", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.User +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-user.openshift.io-v1-users-name]] +=== Patch a User +Partially update the specified User + +==== HTTP request +---- +PATCH /apis/user.openshift.io/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-users-name]] +=== Delete a User +Delete an User + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-users]] +=== Delete all Users +Delete collection of User + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis-user.openshift.io/v1.UserIdentityMapping.adoc b/rest_api/apis-user.openshift.io/v1.UserIdentityMapping.adoc new file mode 100644 index 000000000000..249e8d55c1d1 --- /dev/null +++ b/rest_api/apis-user.openshift.io/v1.UserIdentityMapping.adoc @@ -0,0 +1,442 @@ += v1.UserIdentityMapping +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +UserIdentityMapping maps a user to an identity + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
identity:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
user:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-apis-user.openshift.io-v1-useridentitymappings]] +=== Create a UserIdentityMapping +Create an UserIdentityMapping + +==== HTTP request +---- +POST /apis/user.openshift.io/v1/useridentitymappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "UserIdentityMapping", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/useridentitymappings <<'EOF' +{ + "kind": "UserIdentityMapping", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io-v1-useridentitymappings-name]] +=== Get a UserIdentityMapping +Read the specified UserIdentityMapping + +==== HTTP request +---- +GET /apis/user.openshift.io/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/useridentitymappings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-apis-user.openshift.io-v1-useridentitymappings-name]] +=== Update a UserIdentityMapping +Replace the specified UserIdentityMapping + +==== HTTP request +---- +PUT /apis/user.openshift.io/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "UserIdentityMapping", + "apiVersion": "user.openshift.io/v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/useridentitymappings/$NAME <<'EOF' +{ + "kind": "UserIdentityMapping", + "apiVersion": "user.openshift.io/v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.UserIdentityMapping +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-apis-user.openshift.io-v1-useridentitymappings-name]] +=== Patch a UserIdentityMapping +Partially update the specified UserIdentityMapping + +==== HTTP request +---- +PATCH /apis/user.openshift.io/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/useridentitymappings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-apis-user.openshift.io-v1-useridentitymappings-name]] +=== Delete a UserIdentityMapping +Delete an UserIdentityMapping + +==== HTTP request +---- +DELETE /apis/user.openshift.io/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/v1/useridentitymappings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis/v1.APIGroup.adoc b/rest_api/apis/v1.APIGroup.adoc new file mode 100644 index 000000000000..09946eb36879 --- /dev/null +++ b/rest_api/apis/v1.APIGroup.adoc @@ -0,0 +1,982 @@ += v1.APIGroup +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +APIGroup contains the name, the supported versions, and the preferred version of a group. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
name:
+
preferredVersion:
+
  groupVersion:
+
  version:
+
serverAddressByClientCIDRs:
+
- clientCIDR:
+
  serverAddress:
+
versions:
+
- groupVersion:
+
  version:
+

+
+++++ + +== Operations + +[[Get-apis-apps.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/apps.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-apps]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/apps/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/apps/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authentication.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/authentication.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authentication.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/authorization.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-authorization.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/authorization.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/authorization.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-autoscaling]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/autoscaling/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/autoscaling/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-batch]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/batch/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/batch/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-build.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/build.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/build.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-certificates.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/certificates.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/certificates.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-extensions]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/extensions/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/extensions/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-image.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/image.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/image.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-network.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/network.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/network.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-networking.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/networking.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/networking.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-oauth.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/oauth.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/oauth.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-policy]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/policy/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/policy/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-project.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/project.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/project.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-quota.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/quota.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/quota.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-rbac.authorization.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/rbac.authorization.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/rbac.authorization.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-route.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/route.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/route.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-security.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/security.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/security.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-storage.k8s.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/storage.k8s.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/storage.k8s.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-template.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/template.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-apis-user.openshift.io]] +=== Get all APIGroups +Get information of a group + +==== HTTP request +---- +GET /apis/user.openshift.io/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/user.openshift.io/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroup +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/apis/v1.APIGroupList.adoc b/rest_api/apis/v1.APIGroupList.adoc new file mode 100644 index 000000000000..8265a842bd7c --- /dev/null +++ b/rest_api/apis/v1.APIGroupList.adoc @@ -0,0 +1,83 @@ += v1.APIGroupList +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groups:
+
- apiVersion:
+
  kind:
+
  name:
+
  preferredVersion:
+
    groupVersion:
+
    version:
+
  serverAddressByClientCIDRs:
+
  - clientCIDR:
+
    serverAddress:
+
  versions:
+
  - groupVersion:
+
    version:
+
kind:
+

+
+++++ + +== Operations + +[[Get-apis]] +=== Get all APIGroupLists +Get available API versions + +==== HTTP request +---- +GET /apis/ HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/ +---- + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.APIGroupList +|401 Unauthorized| +|=== + +==== Consumes + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/examples.adoc b/rest_api/examples.adoc new file mode 100644 index 000000000000..485cd5a9c887 --- /dev/null +++ b/rest_api/examples.adoc @@ -0,0 +1,128 @@ +[[rest-api-examples]] += Rest API Examples +{product-author} +{product-version} +:data-uri: +:icons: +:experimental: +:toc: macro +:toc-title: + +toc::[] +{nbsp} + +This page includes usage examples for OpenShift's REST API. The examples are +presented as link:https://curl.haxx.se/[curl] and +link:https://stedolan.github.io/jq/[jq] command calls. The examples are +parameterised using environment variables as follows: + +[options="header",cols="1,3"] +|=== +| Environment variable +| Purpose + +| TOKEN +| Authentication token for OpenShift. If using X.509 authentication, remove lines +referencing $TOKEN and provide a client certificate and key instead. For +example, the curl `--cert` and `--key` arguments. + +| ENDPOINT +| TCP endpoint of OpenShift API server, such as 127.0.0.1:8443. Without loss of +generality, in these examples it is assumed that the API server is presented by +HTTPS and that it may be accessed insecurely. + +| NAMESPACE +| Namespace to use for namespaced objects. +|=== + +To try out the usage examples by copy/paste, first set all of the previously mentioned +environment variables, for example: + +---- +TOKEN=$(oc whoami -t) +ENDPOINT=$(oc config current-context | cut -d/ -f2 | tr - .) +NAMESPACE=$(oc config current-context | cut -d/ -f1) +---- + +[[template-instantiation]] +== Template Instantiation + +<> include one or more +objects to be instantiated, as well as optionally specifying parameters to be +used at instantiation time. The flow to instantiate a +<> using the +<> API +follows: + +1. To set any parameter values (e.g. to override default values specified in the + <> or to specify + parameter values which have no defaults), + <> + containing the necessary values. ++ +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/api/v1/namespaces/$NAMESPACE/secrets <<'EOF' +{ + "kind": "Secret", + "apiVersion": "v1", + "metadata": { + "name": "secret" + }, + "stringData": { + "NAME": "example" + } +} +EOF +---- + +1. <> + containing the whole template you want to instantiate, and a reference to the + <> created above. ++ +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances <> + or + <> + until either the `Ready` or `InstantiateFailure` condition types report + status `True`. ++ +---- +$ while ! curl -s -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/apis/template.openshift.io/v1/namespaces/$NAMESPACE/templateinstances/templateinstance | \ + jq -e '.status.conditions[] | select(.status == "True") | .type'; do + sleep 1 + done +---- diff --git a/rest_api/index.adoc b/rest_api/index.adoc index 05ecc23669de..fba459733a7f 100644 --- a/rest_api/index.adoc +++ b/rest_api/index.adoc @@ -44,7 +44,7 @@ command: ---- $ oc login -u test_user Using project "test". -$ oc whoami -t +$ oc whoami --token dIAo76N-W-GXK3S_w_KsC6DmH3MzP79zq7jbMQvCOUo ---- @@ -89,7 +89,7 @@ be created and deleted as needed with the appropriate role(s) assigned. See xref:../architecture/additional_concepts/authorization.adoc#roles[Authorization] in the Architecture documentation for a deeper discussion on roles. -[[rest-api-examples]] +[[rest-api-index-examples]] == Examples These examples provide a quick reference for making successful REST API calls. @@ -200,7 +200,7 @@ ifdef::openshift-enterprise,openshift-origin[] The OpenShift Container Registry allows the users to manipulate the image signatures using its own API. See -xref:../install_config/registry/accessing_registry.adoc#install-config-registry-accessing[Reading and Writing Image Signatures] for more information. +xref:../admin_guide/image_signatures.adoc#accessing-image-signatures-using-registry-api[Accessing Image Signatures Using Registry API] for more information. endif::[] [[rest-api-websockets]] diff --git a/rest_api/oapi/v1.AppliedClusterResourceQuota.adoc b/rest_api/oapi/v1.AppliedClusterResourceQuota.adoc new file mode 100644 index 000000000000..2f9b5b227512 --- /dev/null +++ b/rest_api/oapi/v1.AppliedClusterResourceQuota.adoc @@ -0,0 +1,296 @@ += v1.AppliedClusterResourceQuota +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +AppliedClusterResourceQuota mirrors ClusterResourceQuota at a project scope, for projection into a project. It allows a project-admin to know which ClusterResourceQuotas are applied to his project and their associated usage. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  quota:
+
    hard:
+
      [string]:
+
    scopes:
+
    - [string]:
+
  selector:
+
    annotations:
+
      [string]:
+
    labels:
+
      matchExpressions:
+
      - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
status:
+
  namespaces:
+
  - namespace:
+
    status:
+
      hard:
+
        [string]:
+
      used:
+
        [string]:
+
  total:
+
    hard:
+
      [string]:
+
    used:
+
      [string]:
+

+
+++++ + +== Operations + +[[Get-oapi-v1-namespaces-namespace-appliedclusterresourcequotas-name]] +=== Get a AppliedClusterResourceQuota in a namespace +Read the specified AppliedClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the AppliedClusterResourceQuota +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-appliedclusterresourcequotas]] +=== Get all AppliedClusterResourceQuotas +List objects of kind AppliedClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/appliedclusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/appliedclusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-appliedclusterresourcequotas]] +=== Get all AppliedClusterResourceQuotas in a namespace +List objects of kind AppliedClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/appliedclusterresourcequotas +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.AppliedClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + + diff --git a/rest_api/oapi/v1.Build.adoc b/rest_api/oapi/v1.Build.adoc new file mode 100644 index 000000000000..acbb327ce33e --- /dev/null +++ b/rest_api/oapi/v1.Build.adoc @@ -0,0 +1,1429 @@ +[[rest-api-v1-build]] += v1.Build +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Build encapsulates the inputs needed to produce a new deployable image, as well as the status of the execution and a reference to the Pod which executed the build. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  completionDeadlineSeconds:
+
  nodeSelector:
+
    [string]:
+
  output:
+
    imageLabels:
+
    - name:
+
      value:
+
    pushSecret:
+
      name:
+
    to:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  postCommit:
+
    args:
+
    - [string]:
+
    command:
+
    - [string]:
+
    script:
+
  resources:
+
    limits:
+
      [string]:
+
    requests:
+
      [string]:
+
  revision:
+
    git:
+
      author:
+
        email:
+
        name:
+
      commit:
+
      committer:
+
        email:
+
        name:
+
      message:
+
    type:
+
  serviceAccount:
+
  source:
+
    binary:
+
      asFile:
+
    contextDir:
+
    dockerfile:
+
    git:
+
      httpProxy:
+
      httpsProxy:
+
      noProxy:
+
      ref:
+
      uri:
+
    images:
+
    - from:
+
    -   apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      paths:
+
      - destinationDir:
+
        sourcePath:
+
      pullSecret:
+
        name:
+
    secrets:
+
    - destinationDir:
+
      secret:
+
        name:
+
    sourceSecret:
+
      name:
+
    type:
+
  strategy:
+
    customStrategy:
+
      buildAPIVersion:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      exposeDockerSocket:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      pullSecret:
+
        name:
+
      secrets:
+
      - mountPath:
+
        secretSource:
+
          name:
+
    dockerStrategy:
+
      buildArgs:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      dockerfilePath:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageOptimizationPolicy:
+
      noCache:
+
      pullSecret:
+
        name:
+
    jenkinsPipelineStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      jenkinsfile:
+
      jenkinsfilePath:
+
    sourceStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      incremental:
+
      pullSecret:
+
        name:
+
      runtimeArtifacts:
+
      - destinationDir:
+
        sourcePath:
+
      runtimeImage:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      scripts:
+
    type:
+
  triggeredBy:
+
  - bitbucketWebHook:
+
  -   revision:
+
  -     git:
+
  -       author:
+
  -         email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    genericWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    githubWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    gitlabWebHook:
+
      revision:
+
        git:
+
          author:
+
            email:
+
            name:
+
          commit:
+
          committer:
+
            email:
+
            name:
+
          message:
+
        type:
+
      secret:
+
    imageChangeBuild:
+
      fromRef:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageID:
+
    message:
+
status:
+
  cancelled:
+
  completionTimestamp:
+
  config:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  duration:
+
  logSnippet:
+
  message:
+
  output:
+
    to:
+
      imageDigest:
+
  outputDockerImageReference:
+
  phase:
+
  reason:
+
  stages:
+
  - durationMilliseconds:
+
    name:
+
    startTime:
+
    steps:
+
    - durationMilliseconds:
+
      name:
+
      startTime:
+
  startTimestamp:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-builds]] +=== Create a Build +Create a Build + +==== HTTP request +---- +POST /oapi/v1/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/builds <<'EOF' +{ + "kind": "Build", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-builds]] +=== Create a Build in a namespace +Create a Build + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds <<'EOF' +{ + "kind": "Build", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-builds-name]] +=== Get a Build in a namespace +Read the specified Build + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-builds]] +=== Get all Builds +List or watch objects of kind Build + +==== HTTP request +---- +GET /oapi/v1/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/builds +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-builds]] +=== Get all Builds in a namespace +List or watch objects of kind Build + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-builds-name]] +=== Watch a Build in a namespace +Watch changes to an object of kind Build + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/builds/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-builds]] +=== Watch all Builds +Watch individual changes to a list of Build + +==== HTTP request +---- +GET /oapi/v1/watch/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/builds +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-builds]] +=== Watch all Builds in a namespace +Watch individual changes to a list of Build + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-builds-name]] +=== Update a Build in a namespace +Replace the specified Build + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + "kind": "Build", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-builds-name]] +=== Patch a Build in a namespace +Partially update the specified Build + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-builds-name]] +=== Delete a Build in a namespace +Delete a Build + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/builds/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-builds]] +=== Delete all Builds in a namespace +Delete collection of Build + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/builds HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-builds-name-clone]] +=== Create clone of a Build in a namespace +Create clone of a BuildRequest + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/builds/$NAME/clone HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildRequest", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME/clone <<'EOF' +{ + "kind": "BuildRequest", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-namespaces-namespace-builds-name-details]] +=== Update details of a Build in a namespace +Replace details of the specified Build + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/builds/$NAME/details HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Build", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME/details <<'EOF' +{ + "kind": "Build", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Build +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Build +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-builds-name-log]] +=== Get log of a Build in a namespace +Read log of the specified BuildLog + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/builds/$NAME/log HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/builds/$NAME/log +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildLog +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|cointainer for which to stream logs. Defaults to only container if there is one container in the pod. +|follow|follow if true indicates that the build log should be streamed until the build terminates. +|limitBytes|limitBytes, If set, is the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit. +|nowait|noWait if true causes the call to return immediately even if the build is not available yet. Otherwise the server will wait until the build has started. +|pretty|If 'true', then the output is pretty printed. +|previous|previous returns previous build logs. Defaults to false. +|sinceSeconds|sinceSeconds is a relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified. +|tailLines|tailLines, If set, is the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime +|timestamps|timestamps, If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false. +|version|version of the build for which to view logs. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildLog +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.BuildConfig.adoc b/rest_api/oapi/v1.BuildConfig.adoc new file mode 100644 index 000000000000..1b5c55b53e63 --- /dev/null +++ b/rest_api/oapi/v1.BuildConfig.adoc @@ -0,0 +1,1389 @@ += v1.BuildConfig +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Build configurations define a build process for new Docker images. There are three types of builds possible - a Docker build using a Dockerfile, a Source-to-Image build that uses a specially prepared base image that accepts source code that it can make runnable, and a custom build that can run // arbitrary Docker images as a base and accept the build parameters. Builds run on the cluster and on completion are pushed to the Docker registry specified in the "output" section. A build can be triggered via a webhook, when the base image changes, or when a user manually requests a new build be // created. + +Each build created by a build configuration is numbered and refers back to its parent configuration. Multiple builds can be triggered at once. Builds that do not have "output" set can be used to test code or run a verification build. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  completionDeadlineSeconds:
+
  failedBuildsHistoryLimit:
+
  nodeSelector:
+
    [string]:
+
  output:
+
    imageLabels:
+
    - name:
+
      value:
+
    pushSecret:
+
      name:
+
    to:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
  postCommit:
+
    args:
+
    - [string]:
+
    command:
+
    - [string]:
+
    script:
+
  resources:
+
    limits:
+
      [string]:
+
    requests:
+
      [string]:
+
  revision:
+
    git:
+
      author:
+
        email:
+
        name:
+
      commit:
+
      committer:
+
        email:
+
        name:
+
      message:
+
    type:
+
  runPolicy:
+
  serviceAccount:
+
  source:
+
    binary:
+
      asFile:
+
    contextDir:
+
    dockerfile:
+
    git:
+
      httpProxy:
+
      httpsProxy:
+
      noProxy:
+
      ref:
+
      uri:
+
    images:
+
    - from:
+
    -   apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      paths:
+
      - destinationDir:
+
        sourcePath:
+
      pullSecret:
+
        name:
+
    secrets:
+
    - destinationDir:
+
      secret:
+
        name:
+
    sourceSecret:
+
      name:
+
    type:
+
  strategy:
+
    customStrategy:
+
      buildAPIVersion:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      exposeDockerSocket:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      pullSecret:
+
        name:
+
      secrets:
+
      - mountPath:
+
        secretSource:
+
          name:
+
    dockerStrategy:
+
      buildArgs:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      dockerfilePath:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      imageOptimizationPolicy:
+
      noCache:
+
      pullSecret:
+
        name:
+
    jenkinsPipelineStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      jenkinsfile:
+
      jenkinsfilePath:
+
    sourceStrategy:
+
      env:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      forcePull:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      incremental:
+
      pullSecret:
+
        name:
+
      runtimeArtifacts:
+
      - destinationDir:
+
        sourcePath:
+
      runtimeImage:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      scripts:
+
    type:
+
  successfulBuildsHistoryLimit:
+
  triggers:
+
  - bitbucket:
+
  -   allowEnv:
+
      secret:
+
    generic:
+
      allowEnv:
+
      secret:
+
    github:
+
      allowEnv:
+
      secret:
+
    gitlab:
+
      allowEnv:
+
      secret:
+
    imageChange:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      lastTriggeredImageID:
+
    type:
+
status:
+
  lastVersion:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-buildconfigs]] +=== Create a BuildConfig +Create a BuildConfig + +==== HTTP request +---- +POST /oapi/v1/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/buildconfigs <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-buildconfigs]] +=== Create a BuildConfig in a namespace +Create a BuildConfig + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-buildconfigs-name]] +=== Get a BuildConfig in a namespace +Read the specified BuildConfig + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-buildconfigs]] +=== Get all BuildConfigs +List or watch objects of kind BuildConfig + +==== HTTP request +---- +GET /oapi/v1/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/buildconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-buildconfigs]] +=== Get all BuildConfigs in a namespace +List or watch objects of kind BuildConfig + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-buildconfigs-name]] +=== Watch a BuildConfig in a namespace +Watch changes to an object of kind BuildConfig + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/buildconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-buildconfigs]] +=== Watch all BuildConfigs +Watch individual changes to a list of BuildConfig + +==== HTTP request +---- +GET /oapi/v1/watch/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/buildconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-buildconfigs]] +=== Watch all BuildConfigs in a namespace +Watch individual changes to a list of BuildConfig + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-buildconfigs-name]] +=== Update a BuildConfig in a namespace +Replace the specified BuildConfig + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + "kind": "BuildConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-buildconfigs-name]] +=== Patch a BuildConfig in a namespace +Partially update the specified BuildConfig + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-buildconfigs-name]] +=== Delete a BuildConfig in a namespace +Delete a BuildConfig + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-buildconfigs]] +=== Delete all BuildConfigs in a namespace +Delete collection of BuildConfig + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/buildconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-buildconfigs-name-instantiate]] +=== Create instantiate of a BuildConfig in a namespace +Create instantiate of a BuildRequest + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiate HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "BuildRequest", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiate <<'EOF' +{ + "kind": "BuildRequest", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.BuildRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BuildRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.BuildRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-buildconfigs-name-instantiatebinary]] +=== Create instantiatebinary of a BuildConfig in a namespace +Connect POST requests to instantiatebinary of BinaryBuildRequestOptions + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiatebinary HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/instantiatebinary +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the BinaryBuildRequestOptions +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|asFile|asFile determines if the binary should be created as a file within the source rather than extracted as an archive +|revision.authorEmail|revision.authorEmail of the source control user +|revision.authorName|revision.authorName of the source control user +|revision.commit|revision.commit is the value identifying a specific commit +|revision.committerEmail|revision.committerEmail of the source control user +|revision.committerName|revision.committerName of the source control user +|revision.message|revision.message is the description of a specific commit +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-oapi-v1-namespaces-namespace-buildconfigs-name-webhooks]] +=== Create webhooks of a BuildConfig in a namespace +Connect POST requests to webhooks of Build + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + +[[Post-oapi-v1-namespaces-namespace-buildconfigs-name-webhooks-path]] +=== Create webhooks/{path} of a BuildConfig in a namespace +Connect POST requests to webhooks of Build + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks/$PATH HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/buildconfigs/$NAME/webhooks/$PATH +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Build +|namespace|object name and auth scope, such as for teams and projects +|path|path to the resource +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|path|Path is the URL path to use for the current proxy request to pod. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|string +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* \*/* + + + diff --git a/rest_api/oapi/v1.ClusterNetwork.adoc b/rest_api/oapi/v1.ClusterNetwork.adoc new file mode 100644 index 000000000000..67baf5d9b27e --- /dev/null +++ b/rest_api/oapi/v1.ClusterNetwork.adoc @@ -0,0 +1,676 @@ += v1.ClusterNetwork +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterNetwork describes the cluster network. There is normally only one object of this type, named "default", which is created by the SDN network plugin based on the master configuration when the cluster is brought up for the first time. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
hostsubnetlength:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
network:
+
pluginName:
+
serviceNetwork:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-clusternetworks]] +=== Create a ClusterNetwork +Create a ClusterNetwork + +==== HTTP request +---- +POST /oapi/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterNetwork", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks <<'EOF' +{ + "kind": "ClusterNetwork", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusternetworks-name]] +=== Get a ClusterNetwork +Read the specified ClusterNetwork + +==== HTTP request +---- +GET /oapi/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusternetworks]] +=== Get all ClusterNetworks +List or watch objects of kind ClusterNetwork + +==== HTTP request +---- +GET /oapi/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetworkList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-clusternetworks-name]] +=== Watch a ClusterNetwork +Watch changes to an object of kind ClusterNetwork + +==== HTTP request +---- +GET /oapi/v1/watch/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/clusternetworks/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-clusternetworks]] +=== Watch all ClusterNetworks +Watch individual changes to a list of ClusterNetwork + +==== HTTP request +---- +GET /oapi/v1/watch/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-clusternetworks-name]] +=== Update a ClusterNetwork +Replace the specified ClusterNetwork + +==== HTTP request +---- +PUT /oapi/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterNetwork", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks/$NAME <<'EOF' +{ + "kind": "ClusterNetwork", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterNetwork +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-clusternetworks-name]] +=== Patch a ClusterNetwork +Partially update the specified ClusterNetwork + +==== HTTP request +---- +PATCH /oapi/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/clusternetworks/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterNetwork +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusternetworks-name]] +=== Delete a ClusterNetwork +Delete a ClusterNetwork + +==== HTTP request +---- +DELETE /oapi/v1/clusternetworks/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterNetwork +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusternetworks]] +=== Delete all ClusterNetworks +Delete collection of ClusterNetwork + +==== HTTP request +---- +DELETE /oapi/v1/clusternetworks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusternetworks +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ClusterResourceQuota.adoc b/rest_api/oapi/v1.ClusterResourceQuota.adoc new file mode 100644 index 000000000000..64568d95fd0b --- /dev/null +++ b/rest_api/oapi/v1.ClusterResourceQuota.adoc @@ -0,0 +1,907 @@ += v1.ClusterResourceQuota +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterResourceQuota mirrors ResourceQuota at a cluster scope. This object is easily convertible to synthetic ResourceQuota object to allow quota evaluation re-use. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  quota:
+
    hard:
+
      [string]:
+
    scopes:
+
    - [string]:
+
  selector:
+
    annotations:
+
      [string]:
+
    labels:
+
      matchExpressions:
+
      - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
status:
+
  namespaces:
+
  - namespace:
+
    status:
+
      hard:
+
        [string]:
+
      used:
+
        [string]:
+
  total:
+
    hard:
+
      [string]:
+
    used:
+
      [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-clusterresourcequotas]] +=== Create a ClusterResourceQuota +Create a ClusterResourceQuota + +==== HTTP request +---- +POST /oapi/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterresourcequotas-name]] +=== Get a ClusterResourceQuota +Read the specified ClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterresourcequotas]] +=== Get all ClusterResourceQuotas +List or watch objects of kind ClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuotaList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-clusterresourcequotas-name]] +=== Watch a ClusterResourceQuota +Watch changes to an object of kind ClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/watch/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/clusterresourcequotas/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-clusterresourcequotas]] +=== Watch all ClusterResourceQuotas +Watch individual changes to a list of ClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/watch/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-clusterresourcequotas-name]] +=== Update a ClusterResourceQuota +Replace the specified ClusterResourceQuota + +==== HTTP request +---- +PUT /oapi/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-clusterresourcequotas-name]] +=== Patch a ClusterResourceQuota +Partially update the specified ClusterResourceQuota + +==== HTTP request +---- +PATCH /oapi/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusterresourcequotas-name]] +=== Delete a ClusterResourceQuota +Delete a ClusterResourceQuota + +==== HTTP request +---- +DELETE /oapi/v1/clusterresourcequotas/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusterresourcequotas]] +=== Delete all ClusterResourceQuotas +Delete collection of ClusterResourceQuota + +==== HTTP request +---- +DELETE /oapi/v1/clusterresourcequotas HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterresourcequotas-name-status]] +=== Get status of a ClusterResourceQuota +Read status of the specified ClusterResourceQuota + +==== HTTP request +---- +GET /oapi/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-clusterresourcequotas-name-status]] +=== Update status of a ClusterResourceQuota +Replace status of the specified ClusterResourceQuota + +==== HTTP request +---- +PUT /oapi/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME/status <<'EOF' +{ + "kind": "ClusterResourceQuota", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterResourceQuota +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-clusterresourcequotas-name-status]] +=== Patch status of a ClusterResourceQuota +Partially update status of the specified ClusterResourceQuota + +==== HTTP request +---- +PATCH /oapi/v1/clusterresourcequotas/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/clusterresourcequotas/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterResourceQuota +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterResourceQuota +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ClusterRole.adoc b/rest_api/oapi/v1.ClusterRole.adoc new file mode 100644 index 000000000000..4c33d49c11c3 --- /dev/null +++ b/rest_api/oapi/v1.ClusterRole.adoc @@ -0,0 +1,515 @@ += v1.ClusterRole +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRole is a logical grouping of PolicyRules that can be referenced as a unit by ClusterRoleBindings. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  attributeRestrictions:
+
    Raw:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-clusterroles]] +=== Create a ClusterRole +Create a ClusterRole + +==== HTTP request +---- +POST /oapi/v1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterroles <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterroles-name]] +=== Get a ClusterRole +Read the specified ClusterRole + +==== HTTP request +---- +GET /oapi/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterroles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterroles]] +=== Get all ClusterRoles +List objects of kind ClusterRole + +==== HTTP request +---- +GET /oapi/v1/clusterroles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterroles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-clusterroles-name]] +=== Update a ClusterRole +Replace the specified ClusterRole + +==== HTTP request +---- +PUT /oapi/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRole", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterroles/$NAME <<'EOF' +{ + "kind": "ClusterRole", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRole +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-clusterroles-name]] +=== Patch a ClusterRole +Partially update the specified ClusterRole + +==== HTTP request +---- +PATCH /oapi/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRole +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusterroles-name]] +=== Delete a ClusterRole +Delete a ClusterRole + +==== HTTP request +---- +DELETE /oapi/v1/clusterroles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterroles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRole +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ClusterRoleBinding.adoc b/rest_api/oapi/v1.ClusterRoleBinding.adoc new file mode 100644 index 000000000000..76f518b1f070 --- /dev/null +++ b/rest_api/oapi/v1.ClusterRoleBinding.adoc @@ -0,0 +1,522 @@ += v1.ClusterRoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ClusterRoleBinding references a ClusterRole, but not contain it. It can reference any ClusterRole in the same namespace or in the global namespace. It adds who information via (Users and Groups) OR Subjects and namespace information by which namespace it exists in. ClusterRoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces). + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groupNames:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
subjects:
+
- apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
userNames:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-clusterrolebindings]] +=== Create a ClusterRoleBinding +Create a ClusterRoleBinding + +==== HTTP request +---- +POST /oapi/v1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterrolebindings-name]] +=== Get a ClusterRoleBinding +Read the specified ClusterRoleBinding + +==== HTTP request +---- +GET /oapi/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-clusterrolebindings]] +=== Get all ClusterRoleBindings +List objects of kind ClusterRoleBinding + +==== HTTP request +---- +GET /oapi/v1/clusterrolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-clusterrolebindings-name]] +=== Update a ClusterRoleBinding +Replace the specified ClusterRoleBinding + +==== HTTP request +---- +PUT /oapi/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ClusterRoleBinding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings/$NAME <<'EOF' +{ + "kind": "ClusterRoleBinding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ClusterRoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-clusterrolebindings-name]] +=== Patch a ClusterRoleBinding +Partially update the specified ClusterRoleBinding + +==== HTTP request +---- +PATCH /oapi/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ClusterRoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-clusterrolebindings-name]] +=== Delete a ClusterRoleBinding +Delete a ClusterRoleBinding + +==== HTTP request +---- +DELETE /oapi/v1/clusterrolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/clusterrolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ClusterRoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.DeploymentConfig.adoc b/rest_api/oapi/v1.DeploymentConfig.adoc new file mode 100644 index 000000000000..b0e0bda75576 --- /dev/null +++ b/rest_api/oapi/v1.DeploymentConfig.adoc @@ -0,0 +1,2467 @@ += v1.DeploymentConfig +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Deployment Configs define the template for a pod and manages deploying new images or configuration changes. A single deployment configuration is usually analogous to a single micro-service. Can support many different deployment patterns, including full restart, customizable rolling updates, and fully custom behaviors, as well as pre- and post- deployment hooks. Each individual deployment is represented as a replication controller. + +A deployment is "triggered" when its configuration is changed or a tag in an Image Stream is changed. Triggers can be disabled to allow manual control over a deployment. The "strategy" determines how the deployment is carried out and may be changed at any time. The `latestVersion` field is updated when a new deployment is triggered by any means. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  minReadySeconds:
+
  paused:
+
  replicas:
+
  revisionHistoryLimit:
+
  selector:
+
    [string]:
+
  strategy:
+
    activeDeadlineSeconds:
+
    annotations:
+
      [string]:
+
    customParams:
+
      command:
+
      - [string]:
+
      environment:
+
      - name:
+
        value:
+
        valueFrom:
+
          configMapKeyRef:
+
            key:
+
            name:
+
            optional:
+
          fieldRef:
+
            apiVersion:
+
            fieldPath:
+
          resourceFieldRef:
+
            containerName:
+
            divisor:
+
            resource:
+
          secretKeyRef:
+
            key:
+
            name:
+
            optional:
+
      image:
+
    labels:
+
      [string]:
+
    recreateParams:
+
      mid:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      post:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      pre:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      timeoutSeconds:
+
    resources:
+
      limits:
+
        [string]:
+
      requests:
+
        [string]:
+
    rollingParams:
+
      intervalSeconds:
+
      maxSurge:
+
      maxUnavailable:
+
      post:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      pre:
+
        execNewPod:
+
          command:
+
          - [string]:
+
          containerName:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          volumes:
+
          - [string]:
+
        failurePolicy:
+
        tagImages:
+
        - containerName:
+
          to:
+
            apiVersion:
+
            fieldPath:
+
            kind:
+
            name:
+
            namespace:
+
            resourceVersion:
+
            uid:
+
      timeoutSeconds:
+
      updatePeriodSeconds:
+
    type:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  test:
+
  triggers:
+
  - imageChangeParams:
+
  -   automatic:
+
      containerNames:
+
      - [string]:
+
      from:
+
        apiVersion:
+
        fieldPath:
+
        kind:
+
        name:
+
        namespace:
+
        resourceVersion:
+
        uid:
+
      lastTriggeredImage:
+
    type:
+
status:
+
  availableReplicas:
+
  conditions:
+
  - lastTransitionTime:
+
    lastUpdateTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  details:
+
    causes:
+
    - imageTrigger:
+
    -   from:
+
    -     apiVersion:
+
          fieldPath:
+
          kind:
+
          name:
+
          namespace:
+
          resourceVersion:
+
          uid:
+
      type:
+
    message:
+
  latestVersion:
+
  observedGeneration:
+
  readyReplicas:
+
  replicas:
+
  unavailableReplicas:
+
  updatedReplicas:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-deploymentconfigs]] +=== Create a DeploymentConfig +Create a DeploymentConfig + +==== HTTP request +---- +POST /oapi/v1/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/deploymentconfigs <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-deploymentconfigs]] +=== Create a DeploymentConfig in a namespace +Create a DeploymentConfig + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-deploymentconfigs-name]] +=== Get a DeploymentConfig in a namespace +Read the specified DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-deploymentconfigs]] +=== Get all DeploymentConfigs +List or watch objects of kind DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/deploymentconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-deploymentconfigs]] +=== Get all DeploymentConfigs in a namespace +List or watch objects of kind DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-deploymentconfigs-name]] +=== Watch a DeploymentConfig in a namespace +Watch changes to an object of kind DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/deploymentconfigs/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-deploymentconfigs]] +=== Watch all DeploymentConfigs +Watch individual changes to a list of DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/watch/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/deploymentconfigs +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-deploymentconfigs]] +=== Watch all DeploymentConfigs in a namespace +Watch individual changes to a list of DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-deploymentconfigs-name]] +=== Update a DeploymentConfig in a namespace +Replace the specified DeploymentConfig + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-deploymentconfigs-name]] +=== Patch a DeploymentConfig in a namespace +Partially update the specified DeploymentConfig + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-deploymentconfigs-name]] +=== Delete a DeploymentConfig in a namespace +Delete a DeploymentConfig + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-deploymentconfigs]] +=== Delete all DeploymentConfigs in a namespace +Delete collection of DeploymentConfig + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-deploymentconfigs-name-instantiate]] +=== Create instantiate of a DeploymentConfig in a namespace +Create instantiate of a DeploymentRequest + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/instantiate HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentRequest", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/instantiate <<'EOF' +{ + "kind": "DeploymentRequest", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentRequest +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentRequest +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-deploymentconfigs-name-log]] +=== Get log of a DeploymentConfig in a namespace +Read log of the specified DeploymentLog + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/log HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/log +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentLog +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|container|The container for which to stream logs. Defaults to only container if there is one container in the pod. +|follow|Follow if true indicates that the build log should be streamed until the build terminates. +|limitBytes|If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit. +|nowait|NoWait if true causes the call to return immediately even if the deployment is not available yet. Otherwise the server will wait until the deployment has started. +|pretty|If 'true', then the output is pretty printed. +|previous|Return previous deployment logs. Defaults to false. +|sinceSeconds|A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified. +|tailLines|If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime +|timestamps|If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false. +|version|Version of the deployment for which to view logs. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentLog +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-deploymentconfigs-name-rollback]] +=== Create rollback of a DeploymentConfig in a namespace +Create rollback of a DeploymentConfigRollback + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/rollback HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/rollback <<'EOF' +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfigRollback +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfigRollback +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Get scale of a DeploymentConfig in a namespace +Read scale of the specified Scale + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Update scale of a DeploymentConfig in a namespace +Replace scale of the specified Scale + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Scale", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale <<'EOF' +{ + "kind": "Scale", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1beta1.Scale +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-deploymentconfigs-name-scale]] +=== Patch scale of a DeploymentConfig in a namespace +Partially update scale of the specified Scale + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/scale <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Scale +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1beta1.Scale +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Get status of a DeploymentConfig in a namespace +Read status of the specified DeploymentConfig + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Update status of a DeploymentConfig in a namespace +Replace status of the specified DeploymentConfig + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status <<'EOF' +{ + "kind": "DeploymentConfig", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfig +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-deploymentconfigs-name-status]] +=== Patch status of a DeploymentConfig in a namespace +Partially update status of the specified DeploymentConfig + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigs/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the DeploymentConfig +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfig +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.DeploymentConfigRollback.adoc b/rest_api/oapi/v1.DeploymentConfigRollback.adoc new file mode 100644 index 000000000000..7fd98e47d208 --- /dev/null +++ b/rest_api/oapi/v1.DeploymentConfigRollback.adoc @@ -0,0 +1,193 @@ += v1.DeploymentConfigRollback +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +DeploymentConfigRollback provides the input to rollback generation. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
name:
+
spec:
+
  from:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  includeReplicationMeta:
+
  includeStrategy:
+
  includeTemplate:
+
  includeTriggers:
+
  revision:
+
updatedAnnotations:
+
  [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-deploymentconfigrollbacks]] +=== Create a DeploymentConfigRollback +Create a DeploymentConfigRollback + +==== HTTP request +---- +POST /oapi/v1/deploymentconfigrollbacks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/deploymentconfigrollbacks <<'EOF' +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfigRollback +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-deploymentconfigrollbacks]] +=== Create a DeploymentConfigRollback in a namespace +Create a DeploymentConfigRollback + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/deploymentconfigrollbacks HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/deploymentconfigrollbacks <<'EOF' +{ + "kind": "DeploymentConfigRollback", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeploymentConfigRollback +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.DeploymentConfigRollback +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.EgressNetworkPolicy.adoc b/rest_api/oapi/v1.EgressNetworkPolicy.adoc new file mode 100644 index 000000000000..b925c99a63ec --- /dev/null +++ b/rest_api/oapi/v1.EgressNetworkPolicy.adoc @@ -0,0 +1,889 @@ += v1.EgressNetworkPolicy +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +EgressNetworkPolicy describes the current egress network policy for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy is present) then the traffic will be allowed by default. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  egress:
+
  - to:
+
  -   cidrSelector:
+
      dnsName:
+
    type:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-egressnetworkpolicies]] +=== Create a EgressNetworkPolicy +Create an EgressNetworkPolicy + +==== HTTP request +---- +POST /oapi/v1/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/egressnetworkpolicies <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-egressnetworkpolicies]] +=== Create a EgressNetworkPolicy in a namespace +Create an EgressNetworkPolicy + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Get a EgressNetworkPolicy in a namespace +Read the specified EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-egressnetworkpolicies]] +=== Get all EgressNetworkPolicies +List or watch objects of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/egressnetworkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-egressnetworkpolicies]] +=== Get all EgressNetworkPolicies in a namespace +List or watch objects of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicyList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-egressnetworkpolicies-name]] +=== Watch a EgressNetworkPolicy in a namespace +Watch changes to an object of kind EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-egressnetworkpolicies]] +=== Watch all EgressNetworkPolicies +Watch individual changes to a list of EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/watch/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/egressnetworkpolicies +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-egressnetworkpolicies]] +=== Watch all EgressNetworkPolicies in a namespace +Watch individual changes to a list of EgressNetworkPolicy + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Update a EgressNetworkPolicy in a namespace +Replace the specified EgressNetworkPolicy + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + "kind": "EgressNetworkPolicy", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.EgressNetworkPolicy +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Patch a EgressNetworkPolicy in a namespace +Partially update the specified EgressNetworkPolicy + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.EgressNetworkPolicy +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-egressnetworkpolicies-name]] +=== Delete a EgressNetworkPolicy in a namespace +Delete an EgressNetworkPolicy + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the EgressNetworkPolicy +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-egressnetworkpolicies]] +=== Delete all EgressNetworkPolicies in a namespace +Delete collection of EgressNetworkPolicy + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/egressnetworkpolicies +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Group.adoc b/rest_api/oapi/v1.Group.adoc new file mode 100644 index 000000000000..9be96ea06c00 --- /dev/null +++ b/rest_api/oapi/v1.Group.adoc @@ -0,0 +1,674 @@ += v1.Group +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Group represents a referenceable set of Users + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
users:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-groups]] +=== Create a Group +Create a Group + +==== HTTP request +---- +POST /oapi/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Group", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/groups <<'EOF' +{ + "kind": "Group", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-groups-name]] +=== Get a Group +Read the specified Group + +==== HTTP request +---- +GET /oapi/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/groups/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-groups]] +=== Get all Groups +List or watch objects of kind Group + +==== HTTP request +---- +GET /oapi/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.GroupList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-groups-name]] +=== Watch a Group +Watch changes to an object of kind Group + +==== HTTP request +---- +GET /oapi/v1/watch/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/groups/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-groups]] +=== Watch all Groups +Watch individual changes to a list of Group + +==== HTTP request +---- +GET /oapi/v1/watch/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-groups-name]] +=== Update a Group +Replace the specified Group + +==== HTTP request +---- +PUT /oapi/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Group", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/groups/$NAME <<'EOF' +{ + "kind": "Group", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Group +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-groups-name]] +=== Patch a Group +Partially update the specified Group + +==== HTTP request +---- +PATCH /oapi/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/groups/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Group +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-groups-name]] +=== Delete a Group +Delete a Group + +==== HTTP request +---- +DELETE /oapi/v1/groups/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/groups/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Group +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-groups]] +=== Delete all Groups +Delete collection of Group + +==== HTTP request +---- +DELETE /oapi/v1/groups HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/groups +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.HostSubnet.adoc b/rest_api/oapi/v1.HostSubnet.adoc new file mode 100644 index 000000000000..fb22ee20548b --- /dev/null +++ b/rest_api/oapi/v1.HostSubnet.adoc @@ -0,0 +1,675 @@ += v1.HostSubnet +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +HostSubnet describes the container subnet network on a node. The HostSubnet object must have the same name as the Node object it corresponds to. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
host:
+
hostIP:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
subnet:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-hostsubnets]] +=== Create a HostSubnet +Create a HostSubnet + +==== HTTP request +---- +POST /oapi/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HostSubnet", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets <<'EOF' +{ + "kind": "HostSubnet", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-hostsubnets-name]] +=== Get a HostSubnet +Read the specified HostSubnet + +==== HTTP request +---- +GET /oapi/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-hostsubnets]] +=== Get all HostSubnets +List or watch objects of kind HostSubnet + +==== HTTP request +---- +GET /oapi/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnetList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-hostsubnets-name]] +=== Watch a HostSubnet +Watch changes to an object of kind HostSubnet + +==== HTTP request +---- +GET /oapi/v1/watch/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/hostsubnets/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-hostsubnets]] +=== Watch all HostSubnets +Watch individual changes to a list of HostSubnet + +==== HTTP request +---- +GET /oapi/v1/watch/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-hostsubnets-name]] +=== Update a HostSubnet +Replace the specified HostSubnet + +==== HTTP request +---- +PUT /oapi/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "HostSubnet", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets/$NAME <<'EOF' +{ + "kind": "HostSubnet", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.HostSubnet +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-hostsubnets-name]] +=== Patch a HostSubnet +Partially update the specified HostSubnet + +==== HTTP request +---- +PATCH /oapi/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/hostsubnets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.HostSubnet +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-hostsubnets-name]] +=== Delete a HostSubnet +Delete a HostSubnet + +==== HTTP request +---- +DELETE /oapi/v1/hostsubnets/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the HostSubnet +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-hostsubnets]] +=== Delete all HostSubnets +Delete collection of HostSubnet + +==== HTTP request +---- +DELETE /oapi/v1/hostsubnets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/hostsubnets +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Identity.adoc b/rest_api/oapi/v1.Identity.adoc new file mode 100644 index 000000000000..cf3de98b8b22 --- /dev/null +++ b/rest_api/oapi/v1.Identity.adoc @@ -0,0 +1,684 @@ += v1.Identity +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Identity records a successful authentication of a user with an identity provider. The information about the source of authentication is stored on the identity, and the identity is then associated with a single user object. Multiple identities can reference a single user. Information retrieved from the authentication provider is stored in the extra field using a schema determined by the provider. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
extra:
+
  [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
providerName:
+
providerUserName:
+
user:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-identities]] +=== Create a Identity +Create an Identity + +==== HTTP request +---- +POST /oapi/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Identity", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/identities <<'EOF' +{ + "kind": "Identity", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-identities-name]] +=== Get a Identity +Read the specified Identity + +==== HTTP request +---- +GET /oapi/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/identities/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-identities]] +=== Get all Identities +List or watch objects of kind Identity + +==== HTTP request +---- +GET /oapi/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.IdentityList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-identities-name]] +=== Watch a Identity +Watch changes to an object of kind Identity + +==== HTTP request +---- +GET /oapi/v1/watch/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/identities/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-identities]] +=== Watch all Identities +Watch individual changes to a list of Identity + +==== HTTP request +---- +GET /oapi/v1/watch/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-identities-name]] +=== Update a Identity +Replace the specified Identity + +==== HTTP request +---- +PUT /oapi/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Identity", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/identities/$NAME <<'EOF' +{ + "kind": "Identity", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Identity +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-identities-name]] +=== Patch a Identity +Partially update the specified Identity + +==== HTTP request +---- +PATCH /oapi/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/identities/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Identity +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-identities-name]] +=== Delete a Identity +Delete an Identity + +==== HTTP request +---- +DELETE /oapi/v1/identities/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/identities/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Identity +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-identities]] +=== Delete all Identities +Delete collection of Identity + +==== HTTP request +---- +DELETE /oapi/v1/identities HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/identities +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Image.adoc b/rest_api/oapi/v1.Image.adoc new file mode 100644 index 000000000000..2f97ed279203 --- /dev/null +++ b/rest_api/oapi/v1.Image.adoc @@ -0,0 +1,776 @@ += v1.Image +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Image is an immutable representation of a Docker image and metadata at a point in time. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
dockerImageConfig:
+
dockerImageLayers:
+
- mediaType:
+
  name:
+
  size:
+
dockerImageManifest:
+
dockerImageManifestMediaType:
+
dockerImageMetadata:
+
  Raw:
+
dockerImageMetadataVersion:
+
dockerImageReference:
+
dockerImageSignatures:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
signatures:
+
- apiVersion:
+
  conditions:
+
  - lastProbeTime:
+
    lastTransitionTime:
+
    message:
+
    reason:
+
    status:
+
    type:
+
  content:
+
  created:
+
  imageIdentity:
+
  issuedBy:
+
    commonName:
+
    organization:
+
  issuedTo:
+
    commonName:
+
    organization:
+
    publicKeyID:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signedClaims:
+
    [string]:
+
  type:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-images]] +=== Create a Image +Create an Image + +==== HTTP request +---- +POST /oapi/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Image", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/images <<'EOF' +{ + "kind": "Image", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-images-name]] +=== Get a Image +Read the specified Image + +==== HTTP request +---- +GET /oapi/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/images/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-images]] +=== Get all Images +List or watch objects of kind Image + +==== HTTP request +---- +GET /oapi/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-images-name]] +=== Watch a Image +Watch changes to an object of kind Image + +==== HTTP request +---- +GET /oapi/v1/watch/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/images/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-images]] +=== Watch all Images +Watch individual changes to a list of Image + +==== HTTP request +---- +GET /oapi/v1/watch/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-images-name]] +=== Update a Image +Replace the specified Image + +==== HTTP request +---- +PUT /oapi/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Image", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/images/$NAME <<'EOF' +{ + "kind": "Image", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Image +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-images-name]] +=== Patch a Image +Partially update the specified Image + +==== HTTP request +---- +PATCH /oapi/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/images/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Image +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-images-name]] +=== Delete a Image +Delete an Image + +==== HTTP request +---- +DELETE /oapi/v1/images/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/images/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Image +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-images]] +=== Delete all Images +Delete collection of Image + +==== HTTP request +---- +DELETE /oapi/v1/images HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/images +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageSignature.adoc b/rest_api/oapi/v1.ImageSignature.adoc new file mode 100644 index 000000000000..3ef4f1b03a58 --- /dev/null +++ b/rest_api/oapi/v1.ImageSignature.adoc @@ -0,0 +1,241 @@ += v1.ImageSignature +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
conditions:
+
- lastProbeTime:
+
  lastTransitionTime:
+
  message:
+
  reason:
+
  status:
+
  type:
+
content:
+
created:
+
imageIdentity:
+
issuedBy:
+
  commonName:
+
  organization:
+
issuedTo:
+
  commonName:
+
  organization:
+
  publicKeyID:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
signedClaims:
+
  [string]:
+
type:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-imagesignatures]] +=== Create a ImageSignature +Create an ImageSignature + +==== HTTP request +---- +POST /oapi/v1/imagesignatures HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageSignature", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/imagesignatures <<'EOF' +{ + "kind": "ImageSignature", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageSignature +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageSignature +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-imagesignatures-name]] +=== Delete a ImageSignature +Delete an ImageSignature + +==== HTTP request +---- +DELETE /oapi/v1/imagesignatures/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/imagesignatures/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageSignature +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageStream.adoc b/rest_api/oapi/v1.ImageStream.adoc new file mode 100644 index 000000000000..5d2efbf315d1 --- /dev/null +++ b/rest_api/oapi/v1.ImageStream.adoc @@ -0,0 +1,1191 @@ += v1.ImageStream +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a Docker image repository on a registry. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  dockerImageRepository:
+
  lookupPolicy:
+
    local:
+
  tags:
+
  - annotations:
+
  -   [string]:
+
    from:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    generation:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    name:
+
    reference:
+
    referencePolicy:
+
      type:
+
status:
+
  dockerImageRepository:
+
  publicDockerImageRepository:
+
  tags:
+
  - conditions:
+
  - - generation:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    items:
+
    - created:
+
      dockerImageReference:
+
      generation:
+
      image:
+
    tag:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-imagestreams]] +=== Create a ImageStream +Create an ImageStream + +==== HTTP request +---- +POST /oapi/v1/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreams <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-imagestreams]] +=== Create a ImageStream in a namespace +Create an ImageStream + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-imagestreams-name]] +=== Get a ImageStream in a namespace +Read the specified ImageStream + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-imagestreams]] +=== Get all ImageStreams +List or watch objects of kind ImageStream + +==== HTTP request +---- +GET /oapi/v1/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreams +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-imagestreams]] +=== Get all ImageStreams in a namespace +List or watch objects of kind ImageStream + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-imagestreams-name]] +=== Watch a ImageStream in a namespace +Watch changes to an object of kind ImageStream + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/imagestreams/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-imagestreams]] +=== Watch all ImageStreams +Watch individual changes to a list of ImageStream + +==== HTTP request +---- +GET /oapi/v1/watch/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/imagestreams +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-imagestreams]] +=== Watch all ImageStreams in a namespace +Watch individual changes to a list of ImageStream + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-imagestreams-name]] +=== Update a ImageStream in a namespace +Replace the specified ImageStream + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-imagestreams-name]] +=== Patch a ImageStream in a namespace +Partially update the specified ImageStream + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-imagestreams-name]] +=== Delete a ImageStream in a namespace +Delete an ImageStream + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-imagestreams]] +=== Delete all ImageStreams in a namespace +Delete collection of ImageStream + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/imagestreams HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-imagestreams-name-secrets]] +=== Get secrets of a ImageStream in a namespace +Read secrets of the specified SecretList + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/secrets HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/secrets +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the SecretList +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SecretList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-imagestreams-name-status]] +=== Get status of a ImageStream in a namespace +Read status of the specified ImageStream + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-namespaces-namespace-imagestreams-name-status]] +=== Update status of a ImageStream in a namespace +Replace status of the specified ImageStream + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status <<'EOF' +{ + "kind": "ImageStream", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStream +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-imagestreams-name-status]] +=== Patch status of a ImageStream in a namespace +Partially update status of the specified ImageStream + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreams/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStream +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStream +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageStreamImage.adoc b/rest_api/oapi/v1.ImageStreamImage.adoc new file mode 100644 index 000000000000..df3ea0424ab7 --- /dev/null +++ b/rest_api/oapi/v1.ImageStreamImage.adoc @@ -0,0 +1,326 @@ += v1.ImageStreamImage +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamImage represents an Image that is retrieved by image name from an ImageStream. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Get-oapi-v1-namespaces-namespace-imagestreamimages-name]] +=== Get a ImageStreamImage in a namespace +Read the specified ImageStreamImage + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreamimages/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamimages/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamImage +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImage +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageStreamImport.adoc b/rest_api/oapi/v1.ImageStreamImport.adoc new file mode 100644 index 000000000000..a7c9dd0f44e8 --- /dev/null +++ b/rest_api/oapi/v1.ImageStreamImport.adoc @@ -0,0 +1,821 @@ += v1.ImageStreamImport +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +The image stream import resource provides an easy way for a user to find and import Docker images from other Docker registries into the server. Individual images or an entire image repository may be imported, and users may choose to see the results of the import prior to tagging the resulting images into the specified image stream. + +This API is intended for end-user tools that need to see the metadata of the image prior to import (for instance, to generate an application from it). Clients that know the desired image can continue to create spec.tags directly into their image streams. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  images:
+
  - from:
+
  -   apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    includeManifest:
+
    referencePolicy:
+
      type:
+
    to:
+
      name:
+
  import:
+
  repository:
+
    from:
+
      apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    importPolicy:
+
      insecure:
+
      scheduled:
+
    includeManifest:
+
    referencePolicy:
+
      type:
+
status:
+
  images:
+
  - image:
+
  -   apiVersion:
+
      dockerImageConfig:
+
      dockerImageLayers:
+
      - mediaType:
+
        name:
+
        size:
+
      dockerImageManifest:
+
      dockerImageManifestMediaType:
+
      dockerImageMetadata:
+
        Raw:
+
      dockerImageMetadataVersion:
+
      dockerImageReference:
+
      dockerImageSignatures:
+
      - [string]:
+
      kind:
+
      metadata:
+
        annotations:
+
          [string]:
+
        clusterName:
+
        creationTimestamp:
+
        deletionGracePeriodSeconds:
+
        deletionTimestamp:
+
        finalizers:
+
        - [string]:
+
        generateName:
+
        generation:
+
        initializers:
+
          pending:
+
          - name:
+
          result:
+
            apiVersion:
+
            code:
+
            details:
+
              causes:
+
              - field:
+
                message:
+
                reason:
+
              group:
+
              kind:
+
              name:
+
              retryAfterSeconds:
+
              uid:
+
            kind:
+
            message:
+
            metadata:
+
              resourceVersion:
+
              selfLink:
+
            reason:
+
            status:
+
        labels:
+
          [string]:
+
        name:
+
        namespace:
+
        ownerReferences:
+
        - apiVersion:
+
          blockOwnerDeletion:
+
          controller:
+
          kind:
+
          name:
+
          uid:
+
        resourceVersion:
+
        selfLink:
+
        uid:
+
      signatures:
+
      - apiVersion:
+
        conditions:
+
        - lastProbeTime:
+
          lastTransitionTime:
+
          message:
+
          reason:
+
          status:
+
          type:
+
        content:
+
        created:
+
        imageIdentity:
+
        issuedBy:
+
          commonName:
+
          organization:
+
        issuedTo:
+
          commonName:
+
          organization:
+
          publicKeyID:
+
        kind:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        signedClaims:
+
          [string]:
+
        type:
+
    status:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
    tag:
+
  import:
+
    apiVersion:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      dockerImageRepository:
+
      lookupPolicy:
+
        local:
+
      tags:
+
      - annotations:
+
      -   [string]:
+
        from:
+
          apiVersion:
+
          fieldPath:
+
          kind:
+
          name:
+
          namespace:
+
          resourceVersion:
+
          uid:
+
        generation:
+
        importPolicy:
+
          insecure:
+
          scheduled:
+
        name:
+
        reference:
+
        referencePolicy:
+
          type:
+
    status:
+
      dockerImageRepository:
+
      publicDockerImageRepository:
+
      tags:
+
      - conditions:
+
      - - generation:
+
          lastTransitionTime:
+
          message:
+
          reason:
+
          status:
+
          type:
+
        items:
+
        - created:
+
          dockerImageReference:
+
          generation:
+
          image:
+
        tag:
+
  repository:
+
    additionalTags:
+
    - [string]:
+
    images:
+
    - image:
+
    -   apiVersion:
+
        dockerImageConfig:
+
        dockerImageLayers:
+
        - mediaType:
+
          name:
+
          size:
+
        dockerImageManifest:
+
        dockerImageManifestMediaType:
+
        dockerImageMetadata:
+
          Raw:
+
        dockerImageMetadataVersion:
+
        dockerImageReference:
+
        dockerImageSignatures:
+
        - [string]:
+
        kind:
+
        metadata:
+
          annotations:
+
            [string]:
+
          clusterName:
+
          creationTimestamp:
+
          deletionGracePeriodSeconds:
+
          deletionTimestamp:
+
          finalizers:
+
          - [string]:
+
          generateName:
+
          generation:
+
          initializers:
+
            pending:
+
            - name:
+
            result:
+
              apiVersion:
+
              code:
+
              details:
+
                causes:
+
                - field:
+
                  message:
+
                  reason:
+
                group:
+
                kind:
+
                name:
+
                retryAfterSeconds:
+
                uid:
+
              kind:
+
              message:
+
              metadata:
+
                resourceVersion:
+
                selfLink:
+
              reason:
+
              status:
+
          labels:
+
            [string]:
+
          name:
+
          namespace:
+
          ownerReferences:
+
          - apiVersion:
+
            blockOwnerDeletion:
+
            controller:
+
            kind:
+
            name:
+
            uid:
+
          resourceVersion:
+
          selfLink:
+
          uid:
+
        signatures:
+
        - apiVersion:
+
          conditions:
+
          - lastProbeTime:
+
            lastTransitionTime:
+
            message:
+
            reason:
+
            status:
+
            type:
+
          content:
+
          created:
+
          imageIdentity:
+
          issuedBy:
+
            commonName:
+
            organization:
+
          issuedTo:
+
            commonName:
+
            organization:
+
            publicKeyID:
+
          kind:
+
          metadata:
+
            annotations:
+
              [string]:
+
            clusterName:
+
            creationTimestamp:
+
            deletionGracePeriodSeconds:
+
            deletionTimestamp:
+
            finalizers:
+
            - [string]:
+
            generateName:
+
            generation:
+
            initializers:
+
              pending:
+
              - name:
+
              result:
+
                apiVersion:
+
                code:
+
                details:
+
                  causes:
+
                  - field:
+
                    message:
+
                    reason:
+
                  group:
+
                  kind:
+
                  name:
+
                  retryAfterSeconds:
+
                  uid:
+
                kind:
+
                message:
+
                metadata:
+
                  resourceVersion:
+
                  selfLink:
+
                reason:
+
                status:
+
            labels:
+
              [string]:
+
            name:
+
            namespace:
+
            ownerReferences:
+
            - apiVersion:
+
              blockOwnerDeletion:
+
              controller:
+
              kind:
+
              name:
+
              uid:
+
            resourceVersion:
+
            selfLink:
+
            uid:
+
          signedClaims:
+
            [string]:
+
          type:
+
      status:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
      tag:
+
    status:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-imagestreamimports]] +=== Create a ImageStreamImport +Create an ImageStreamImport + +==== HTTP request +---- +POST /oapi/v1/imagestreamimports HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamImport", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreamimports <<'EOF' +{ + "kind": "ImageStreamImport", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamImport +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImport +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-imagestreamimports]] +=== Create a ImageStreamImport in a namespace +Create an ImageStreamImport + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/imagestreamimports HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamImport", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamimports <<'EOF' +{ + "kind": "ImageStreamImport", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamImport +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamImport +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageStreamMapping.adoc b/rest_api/oapi/v1.ImageStreamMapping.adoc new file mode 100644 index 000000000000..542a1e534e0f --- /dev/null +++ b/rest_api/oapi/v1.ImageStreamMapping.adoc @@ -0,0 +1,420 @@ += v1.ImageStreamMapping +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamMapping represents a mapping from a single tag to a Docker image as well as the reference to the Docker image stream the image came from. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
tag:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-imagestreammappings]] +=== Create a ImageStreamMapping +Create an ImageStreamMapping + +==== HTTP request +---- +POST /oapi/v1/imagestreammappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamMapping", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreammappings <<'EOF' +{ + "kind": "ImageStreamMapping", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-imagestreammappings]] +=== Create a ImageStreamMapping in a namespace +Create an ImageStreamMapping + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/imagestreammappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamMapping", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreammappings <<'EOF' +{ + "kind": "ImageStreamMapping", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamMapping +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ImageStreamTag.adoc b/rest_api/oapi/v1.ImageStreamTag.adoc new file mode 100644 index 000000000000..d5c4c0f431fe --- /dev/null +++ b/rest_api/oapi/v1.ImageStreamTag.adoc @@ -0,0 +1,826 @@ += v1.ImageStreamTag +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ImageStreamTag represents an Image that is retrieved by tag name from an ImageStream. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
conditions:
+
- generation:
+
  lastTransitionTime:
+
  message:
+
  reason:
+
  status:
+
  type:
+
generation:
+
image:
+
  apiVersion:
+
  dockerImageConfig:
+
  dockerImageLayers:
+
  - mediaType:
+
    name:
+
    size:
+
  dockerImageManifest:
+
  dockerImageManifestMediaType:
+
  dockerImageMetadata:
+
    Raw:
+
  dockerImageMetadataVersion:
+
  dockerImageReference:
+
  dockerImageSignatures:
+
  - [string]:
+
  kind:
+
  metadata:
+
    annotations:
+
      [string]:
+
    clusterName:
+
    creationTimestamp:
+
    deletionGracePeriodSeconds:
+
    deletionTimestamp:
+
    finalizers:
+
    - [string]:
+
    generateName:
+
    generation:
+
    initializers:
+
      pending:
+
      - name:
+
      result:
+
        apiVersion:
+
        code:
+
        details:
+
          causes:
+
          - field:
+
            message:
+
            reason:
+
          group:
+
          kind:
+
          name:
+
          retryAfterSeconds:
+
          uid:
+
        kind:
+
        message:
+
        metadata:
+
          resourceVersion:
+
          selfLink:
+
        reason:
+
        status:
+
    labels:
+
      [string]:
+
    name:
+
    namespace:
+
    ownerReferences:
+
    - apiVersion:
+
      blockOwnerDeletion:
+
      controller:
+
      kind:
+
      name:
+
      uid:
+
    resourceVersion:
+
    selfLink:
+
    uid:
+
  signatures:
+
  - apiVersion:
+
    conditions:
+
    - lastProbeTime:
+
      lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    content:
+
    created:
+
    imageIdentity:
+
    issuedBy:
+
      commonName:
+
      organization:
+
    issuedTo:
+
      commonName:
+
      organization:
+
      publicKeyID:
+
    kind:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    signedClaims:
+
      [string]:
+
    type:
+
kind:
+
lookupPolicy:
+
  local:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
tag:
+
  annotations:
+
    [string]:
+
  from:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  generation:
+
  importPolicy:
+
    insecure:
+
    scheduled:
+
  name:
+
  reference:
+
  referencePolicy:
+
    type:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-imagestreamtags]] +=== Create a ImageStreamTag +Create an ImageStreamTag + +==== HTTP request +---- +POST /oapi/v1/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreamtags <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-imagestreamtags]] +=== Create a ImageStreamTag in a namespace +Create an ImageStreamTag + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-imagestreamtags-name]] +=== Get a ImageStreamTag in a namespace +Read the specified ImageStreamTag + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-imagestreamtags]] +=== Get all ImageStreamTags +List objects of kind ImageStreamTag + +==== HTTP request +---- +GET /oapi/v1/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/imagestreamtags +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTagList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-imagestreamtags]] +=== Get all ImageStreamTags in a namespace +List objects of kind ImageStreamTag + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/imagestreamtags HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTagList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-imagestreamtags-name]] +=== Update a ImageStreamTag in a namespace +Replace the specified ImageStreamTag + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME <<'EOF' +{ + "kind": "ImageStreamTag", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ImageStreamTag +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-imagestreamtags-name]] +=== Patch a ImageStreamTag in a namespace +Partially update the specified ImageStreamTag + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ImageStreamTag +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-imagestreamtags-name]] +=== Delete a ImageStreamTag in a namespace +Delete an ImageStreamTag + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/imagestreamtags/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the ImageStreamTag +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.LocalResourceAccessReview.adoc b/rest_api/oapi/v1.LocalResourceAccessReview.adoc new file mode 100644 index 000000000000..3826d4178c8a --- /dev/null +++ b/rest_api/oapi/v1.LocalResourceAccessReview.adoc @@ -0,0 +1,186 @@ += v1.LocalResourceAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
verb:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-localresourceaccessreviews]] +=== Create a LocalResourceAccessReview +Create a LocalResourceAccessReview + +==== HTTP request +---- +POST /oapi/v1/localresourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/localresourceaccessreviews <<'EOF' +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalResourceAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-localresourceaccessreviews]] +=== Create a LocalResourceAccessReview in a namespace +Create a LocalResourceAccessReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/localresourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/localresourceaccessreviews <<'EOF' +{ + "kind": "LocalResourceAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalResourceAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.LocalSubjectAccessReview.adoc b/rest_api/oapi/v1.LocalSubjectAccessReview.adoc new file mode 100644 index 000000000000..dcc0511bc1d6 --- /dev/null +++ b/rest_api/oapi/v1.LocalSubjectAccessReview.adoc @@ -0,0 +1,191 @@ += v1.LocalSubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
groups:
+
- [string]:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
scopes:
+
- [string]:
+
user:
+
verb:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /oapi/v1/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-localsubjectaccessreviews]] +=== Create a LocalSubjectAccessReview in a namespace +Create a LocalSubjectAccessReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/localsubjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/localsubjectaccessreviews <<'EOF' +{ + "kind": "LocalSubjectAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.LocalSubjectAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.LocalSubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.NetNamespace.adoc b/rest_api/oapi/v1.NetNamespace.adoc new file mode 100644 index 000000000000..4f7c3dda6795 --- /dev/null +++ b/rest_api/oapi/v1.NetNamespace.adoc @@ -0,0 +1,674 @@ += v1.NetNamespace +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
netid:
+
netname:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-netnamespaces]] +=== Create a NetNamespace +Create a NetNamespace + +==== HTTP request +---- +POST /oapi/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetNamespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces <<'EOF' +{ + "kind": "NetNamespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-netnamespaces-name]] +=== Get a NetNamespace +Read the specified NetNamespace + +==== HTTP request +---- +GET /oapi/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-netnamespaces]] +=== Get all NetNamespaces +List or watch objects of kind NetNamespace + +==== HTTP request +---- +GET /oapi/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespaceList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-netnamespaces-name]] +=== Watch a NetNamespace +Watch changes to an object of kind NetNamespace + +==== HTTP request +---- +GET /oapi/v1/watch/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/netnamespaces/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-netnamespaces]] +=== Watch all NetNamespaces +Watch individual changes to a list of NetNamespace + +==== HTTP request +---- +GET /oapi/v1/watch/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-netnamespaces-name]] +=== Update a NetNamespace +Replace the specified NetNamespace + +==== HTTP request +---- +PUT /oapi/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "NetNamespace", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces/$NAME <<'EOF' +{ + "kind": "NetNamespace", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.NetNamespace +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-netnamespaces-name]] +=== Patch a NetNamespace +Partially update the specified NetNamespace + +==== HTTP request +---- +PATCH /oapi/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/netnamespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.NetNamespace +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-netnamespaces-name]] +=== Delete a NetNamespace +Delete a NetNamespace + +==== HTTP request +---- +DELETE /oapi/v1/netnamespaces/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the NetNamespace +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-netnamespaces]] +=== Delete all NetNamespaces +Delete collection of NetNamespace + +==== HTTP request +---- +DELETE /oapi/v1/netnamespaces HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/netnamespaces +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.OAuthAccessToken.adoc b/rest_api/oapi/v1.OAuthAccessToken.adoc new file mode 100644 index 000000000000..b56b22137fe6 --- /dev/null +++ b/rest_api/oapi/v1.OAuthAccessToken.adoc @@ -0,0 +1,681 @@ += v1.OAuthAccessToken +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthAccessToken describes an OAuth access token + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
authorizeToken:
+
clientName:
+
expiresIn:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURI:
+
refreshToken:
+
scopes:
+
- [string]:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-oauthaccesstokens]] +=== Create a OAuthAccessToken +Create an OAuthAccessToken + +==== HTTP request +---- +POST /oapi/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAccessToken", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens <<'EOF' +{ + "kind": "OAuthAccessToken", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthaccesstokens-name]] +=== Get a OAuthAccessToken +Read the specified OAuthAccessToken + +==== HTTP request +---- +GET /oapi/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthaccesstokens]] +=== Get all OAuthAccessTokens +List or watch objects of kind OAuthAccessToken + +==== HTTP request +---- +GET /oapi/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessTokenList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthaccesstokens-name]] +=== Watch a OAuthAccessToken +Watch changes to an object of kind OAuthAccessToken + +==== HTTP request +---- +GET /oapi/v1/watch/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthaccesstokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthaccesstokens]] +=== Watch all OAuthAccessTokens +Watch individual changes to a list of OAuthAccessToken + +==== HTTP request +---- +GET /oapi/v1/watch/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-oauthaccesstokens-name]] +=== Update a OAuthAccessToken +Replace the specified OAuthAccessToken + +==== HTTP request +---- +PUT /oapi/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAccessToken", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens/$NAME <<'EOF' +{ + "kind": "OAuthAccessToken", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAccessToken +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-oauthaccesstokens-name]] +=== Patch a OAuthAccessToken +Partially update the specified OAuthAccessToken + +==== HTTP request +---- +PATCH /oapi/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAccessToken +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthaccesstokens-name]] +=== Delete a OAuthAccessToken +Delete an OAuthAccessToken + +==== HTTP request +---- +DELETE /oapi/v1/oauthaccesstokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAccessToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthaccesstokens]] +=== Delete all OAuthAccessTokens +Delete collection of OAuthAccessToken + +==== HTTP request +---- +DELETE /oapi/v1/oauthaccesstokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthaccesstokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.OAuthAuthorizeToken.adoc b/rest_api/oapi/v1.OAuthAuthorizeToken.adoc new file mode 100644 index 000000000000..1ea90f804fc0 --- /dev/null +++ b/rest_api/oapi/v1.OAuthAuthorizeToken.adoc @@ -0,0 +1,682 @@ += v1.OAuthAuthorizeToken +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthAuthorizeToken describes an OAuth authorization token + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
clientName:
+
codeChallenge:
+
codeChallengeMethod:
+
expiresIn:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURI:
+
scopes:
+
- [string]:
+
state:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-oauthauthorizetokens]] +=== Create a OAuthAuthorizeToken +Create an OAuthAuthorizeToken + +==== HTTP request +---- +POST /oapi/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens <<'EOF' +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthauthorizetokens-name]] +=== Get a OAuthAuthorizeToken +Read the specified OAuthAuthorizeToken + +==== HTTP request +---- +GET /oapi/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthauthorizetokens]] +=== Get all OAuthAuthorizeTokens +List or watch objects of kind OAuthAuthorizeToken + +==== HTTP request +---- +GET /oapi/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeTokenList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthauthorizetokens-name]] +=== Watch a OAuthAuthorizeToken +Watch changes to an object of kind OAuthAuthorizeToken + +==== HTTP request +---- +GET /oapi/v1/watch/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthauthorizetokens/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthauthorizetokens]] +=== Watch all OAuthAuthorizeTokens +Watch individual changes to a list of OAuthAuthorizeToken + +==== HTTP request +---- +GET /oapi/v1/watch/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-oauthauthorizetokens-name]] +=== Update a OAuthAuthorizeToken +Replace the specified OAuthAuthorizeToken + +==== HTTP request +---- +PUT /oapi/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + "kind": "OAuthAuthorizeToken", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthAuthorizeToken +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-oauthauthorizetokens-name]] +=== Patch a OAuthAuthorizeToken +Partially update the specified OAuthAuthorizeToken + +==== HTTP request +---- +PATCH /oapi/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthAuthorizeToken +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthauthorizetokens-name]] +=== Delete a OAuthAuthorizeToken +Delete an OAuthAuthorizeToken + +==== HTTP request +---- +DELETE /oapi/v1/oauthauthorizetokens/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthAuthorizeToken +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthauthorizetokens]] +=== Delete all OAuthAuthorizeTokens +Delete collection of OAuthAuthorizeToken + +==== HTTP request +---- +DELETE /oapi/v1/oauthauthorizetokens HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthauthorizetokens +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.OAuthClient.adoc b/rest_api/oapi/v1.OAuthClient.adoc new file mode 100644 index 000000000000..208a5238361a --- /dev/null +++ b/rest_api/oapi/v1.OAuthClient.adoc @@ -0,0 +1,691 @@ += v1.OAuthClient +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthClient describes an OAuth client + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
additionalSecrets:
+
- [string]:
+
apiVersion:
+
grantMethod:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
redirectURIs:
+
- [string]:
+
respondWithChallenges:
+
scopeRestrictions:
+
- clusterRole:
+
-   allowEscalation:
+
    namespaces:
+
    - [string]:
+
    roleNames:
+
    - [string]:
+
  literals:
+
  - [string]:
+
secret:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-oauthclients]] +=== Create a OAuthClient +Create an OAuthClient + +==== HTTP request +---- +POST /oapi/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClient", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients <<'EOF' +{ + "kind": "OAuthClient", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthclients-name]] +=== Get a OAuthClient +Read the specified OAuthClient + +==== HTTP request +---- +GET /oapi/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthclients]] +=== Get all OAuthClients +List or watch objects of kind OAuthClient + +==== HTTP request +---- +GET /oapi/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthclients-name]] +=== Watch a OAuthClient +Watch changes to an object of kind OAuthClient + +==== HTTP request +---- +GET /oapi/v1/watch/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthclients/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthclients]] +=== Watch all OAuthClients +Watch individual changes to a list of OAuthClient + +==== HTTP request +---- +GET /oapi/v1/watch/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-oauthclients-name]] +=== Update a OAuthClient +Replace the specified OAuthClient + +==== HTTP request +---- +PUT /oapi/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClient", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients/$NAME <<'EOF' +{ + "kind": "OAuthClient", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClient +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-oauthclients-name]] +=== Patch a OAuthClient +Partially update the specified OAuthClient + +==== HTTP request +---- +PATCH /oapi/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/oauthclients/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClient +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthclients-name]] +=== Delete a OAuthClient +Delete an OAuthClient + +==== HTTP request +---- +DELETE /oapi/v1/oauthclients/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClient +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthclients]] +=== Delete all OAuthClients +Delete collection of OAuthClient + +==== HTTP request +---- +DELETE /oapi/v1/oauthclients HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclients +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.OAuthClientAuthorization.adoc b/rest_api/oapi/v1.OAuthClientAuthorization.adoc new file mode 100644 index 000000000000..3db654e28362 --- /dev/null +++ b/rest_api/oapi/v1.OAuthClientAuthorization.adoc @@ -0,0 +1,677 @@ += v1.OAuthClientAuthorization +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +OAuthClientAuthorization describes an authorization created by an OAuth client + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
clientName:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
scopes:
+
- [string]:
+
userName:
+
userUID:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-oauthclientauthorizations]] +=== Create a OAuthClientAuthorization +Create an OAuthClientAuthorization + +==== HTTP request +---- +POST /oapi/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations <<'EOF' +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthclientauthorizations-name]] +=== Get a OAuthClientAuthorization +Read the specified OAuthClientAuthorization + +==== HTTP request +---- +GET /oapi/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-oauthclientauthorizations]] +=== Get all OAuthClientAuthorizations +List or watch objects of kind OAuthClientAuthorization + +==== HTTP request +---- +GET /oapi/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorizationList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthclientauthorizations-name]] +=== Watch a OAuthClientAuthorization +Watch changes to an object of kind OAuthClientAuthorization + +==== HTTP request +---- +GET /oapi/v1/watch/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthclientauthorizations/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-oauthclientauthorizations]] +=== Watch all OAuthClientAuthorizations +Watch individual changes to a list of OAuthClientAuthorization + +==== HTTP request +---- +GET /oapi/v1/watch/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-oauthclientauthorizations-name]] +=== Update a OAuthClientAuthorization +Replace the specified OAuthClientAuthorization + +==== HTTP request +---- +PUT /oapi/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + "kind": "OAuthClientAuthorization", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.OAuthClientAuthorization +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-oauthclientauthorizations-name]] +=== Patch a OAuthClientAuthorization +Partially update the specified OAuthClientAuthorization + +==== HTTP request +---- +PATCH /oapi/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.OAuthClientAuthorization +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthclientauthorizations-name]] +=== Delete a OAuthClientAuthorization +Delete an OAuthClientAuthorization + +==== HTTP request +---- +DELETE /oapi/v1/oauthclientauthorizations/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the OAuthClientAuthorization +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-oauthclientauthorizations]] +=== Delete all OAuthClientAuthorizations +Delete collection of OAuthClientAuthorization + +==== HTTP request +---- +DELETE /oapi/v1/oauthclientauthorizations HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/oauthclientauthorizations +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.PodSecurityPolicyReview.adoc b/rest_api/oapi/v1.PodSecurityPolicyReview.adoc new file mode 100644 index 000000000000..8f39a1ae77b9 --- /dev/null +++ b/rest_api/oapi/v1.PodSecurityPolicyReview.adoc @@ -0,0 +1,1511 @@ += v1.PodSecurityPolicyReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodTemplateSpec` in question. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  serviceAccountNames:
+
  - [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  allowedServiceAccounts:
+
  - allowedBy:
+
  -   apiVersion:
+
      fieldPath:
+
      kind:
+
      name:
+
      namespace:
+
      resourceVersion:
+
      uid:
+
    name:
+
    reason:
+
    template:
+
      metadata:
+
        annotations:
+
          [string]:
+
        clusterName:
+
        creationTimestamp:
+
        deletionGracePeriodSeconds:
+
        deletionTimestamp:
+
        finalizers:
+
        - [string]:
+
        generateName:
+
        generation:
+
        initializers:
+
          pending:
+
          - name:
+
          result:
+
            apiVersion:
+
            code:
+
            details:
+
              causes:
+
              - field:
+
                message:
+
                reason:
+
              group:
+
              kind:
+
              name:
+
              retryAfterSeconds:
+
              uid:
+
            kind:
+
            message:
+
            metadata:
+
              resourceVersion:
+
              selfLink:
+
            reason:
+
            status:
+
        labels:
+
          [string]:
+
        name:
+
        namespace:
+
        ownerReferences:
+
        - apiVersion:
+
          blockOwnerDeletion:
+
          controller:
+
          kind:
+
          name:
+
          uid:
+
        resourceVersion:
+
        selfLink:
+
        uid:
+
      spec:
+
        activeDeadlineSeconds:
+
        affinity:
+
          nodeAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - preference:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
              nodeSelectorTerms:
+
              - matchExpressions:
+
              - - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
          podAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - podAffinityTerm:
+
            -   labelSelector:
+
            -     matchExpressions:
+
            -     - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
            - labelSelector:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
          podAntiAffinity:
+
            preferredDuringSchedulingIgnoredDuringExecution:
+
            - podAffinityTerm:
+
            -   labelSelector:
+
            -     matchExpressions:
+
            -     - key:
+
                    operator:
+
                    values:
+
                    - [string]:
+
                  matchLabels:
+
                    [string]:
+
                namespaces:
+
                - [string]:
+
                topologyKey:
+
              weight:
+
            requiredDuringSchedulingIgnoredDuringExecution:
+
            - labelSelector:
+
            -   matchExpressions:
+
            -   - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
        automountServiceAccountToken:
+
        containers:
+
        - args:
+
        - - [string]:
+
          command:
+
          - [string]:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          envFrom:
+
          - configMapRef:
+
          -   name:
+
              optional:
+
            prefix:
+
            secretRef:
+
              name:
+
              optional:
+
          image:
+
          imagePullPolicy:
+
          lifecycle:
+
            postStart:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
            preStop:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
          livenessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          name:
+
          ports:
+
          - containerPort:
+
            hostIP:
+
            hostPort:
+
            name:
+
            protocol:
+
          readinessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          resources:
+
            limits:
+
              [string]:
+
            requests:
+
              [string]:
+
          securityContext:
+
            capabilities:
+
              add:
+
              - [string]:
+
              drop:
+
              - [string]:
+
            privileged:
+
            readOnlyRootFilesystem:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
          stdin:
+
          stdinOnce:
+
          terminationMessagePath:
+
          terminationMessagePolicy:
+
          tty:
+
          volumeMounts:
+
          - mountPath:
+
            name:
+
            readOnly:
+
            subPath:
+
          workingDir:
+
        dnsPolicy:
+
        hostAliases:
+
        - hostnames:
+
        - - [string]:
+
          ip:
+
        hostIPC:
+
        hostNetwork:
+
        hostPID:
+
        hostname:
+
        imagePullSecrets:
+
        - name:
+
        initContainers:
+
        - args:
+
        - - [string]:
+
          command:
+
          - [string]:
+
          env:
+
          - name:
+
            value:
+
            valueFrom:
+
              configMapKeyRef:
+
                key:
+
                name:
+
                optional:
+
              fieldRef:
+
                apiVersion:
+
                fieldPath:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
              secretKeyRef:
+
                key:
+
                name:
+
                optional:
+
          envFrom:
+
          - configMapRef:
+
          -   name:
+
              optional:
+
            prefix:
+
            secretRef:
+
              name:
+
              optional:
+
          image:
+
          imagePullPolicy:
+
          lifecycle:
+
            postStart:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
            preStop:
+
              exec:
+
                command:
+
                - [string]:
+
              httpGet:
+
                host:
+
                httpHeaders:
+
                - name:
+
                  value:
+
                path:
+
                port:
+
                scheme:
+
              tcpSocket:
+
                host:
+
                port:
+
          livenessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          name:
+
          ports:
+
          - containerPort:
+
            hostIP:
+
            hostPort:
+
            name:
+
            protocol:
+
          readinessProbe:
+
            exec:
+
              command:
+
              - [string]:
+
            failureThreshold:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            initialDelaySeconds:
+
            periodSeconds:
+
            successThreshold:
+
            tcpSocket:
+
              host:
+
              port:
+
            timeoutSeconds:
+
          resources:
+
            limits:
+
              [string]:
+
            requests:
+
              [string]:
+
          securityContext:
+
            capabilities:
+
              add:
+
              - [string]:
+
              drop:
+
              - [string]:
+
            privileged:
+
            readOnlyRootFilesystem:
+
            runAsNonRoot:
+
            runAsUser:
+
            seLinuxOptions:
+
              level:
+
              role:
+
              type:
+
              user:
+
          stdin:
+
          stdinOnce:
+
          terminationMessagePath:
+
          terminationMessagePolicy:
+
          tty:
+
          volumeMounts:
+
          - mountPath:
+
            name:
+
            readOnly:
+
            subPath:
+
          workingDir:
+
        nodeName:
+
        nodeSelector:
+
          [string]:
+
        restartPolicy:
+
        schedulerName:
+
        securityContext:
+
          fsGroup:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
          supplementalGroups:
+
          - [integer]:
+
        serviceAccount:
+
        serviceAccountName:
+
        subdomain:
+
        terminationGracePeriodSeconds:
+
        tolerations:
+
        - effect:
+
          key:
+
          operator:
+
          tolerationSeconds:
+
          value:
+
        volumes:
+
        - awsElasticBlockStore:
+
        -   fsType:
+
            partition:
+
            readOnly:
+
            volumeID:
+
          azureDisk:
+
            cachingMode:
+
            diskName:
+
            diskURI:
+
            fsType:
+
            kind:
+
            readOnly:
+
          azureFile:
+
            readOnly:
+
            secretName:
+
            shareName:
+
          cephfs:
+
            monitors:
+
            - [string]:
+
            path:
+
            readOnly:
+
            secretFile:
+
            secretRef:
+
              name:
+
            user:
+
          cinder:
+
            fsType:
+
            readOnly:
+
            volumeID:
+
          configMap:
+
            defaultMode:
+
            items:
+
            - key:
+
              mode:
+
              path:
+
            name:
+
            optional:
+
          downwardAPI:
+
            defaultMode:
+
            items:
+
            - fieldRef:
+
            -   apiVersion:
+
                fieldPath:
+
              mode:
+
              path:
+
              resourceFieldRef:
+
                containerName:
+
                divisor:
+
                resource:
+
          emptyDir:
+
            medium:
+
            sizeLimit:
+
          fc:
+
            fsType:
+
            lun:
+
            readOnly:
+
            targetWWNs:
+
            - [string]:
+
          flexVolume:
+
            driver:
+
            fsType:
+
            options:
+
              [string]:
+
            readOnly:
+
            secretRef:
+
              name:
+
          flocker:
+
            datasetName:
+
            datasetUUID:
+
          gcePersistentDisk:
+
            fsType:
+
            partition:
+
            pdName:
+
            readOnly:
+
          gitRepo:
+
            directory:
+
            repository:
+
            revision:
+
          glusterfs:
+
            endpoints:
+
            path:
+
            readOnly:
+
          hostPath:
+
            path:
+
          iscsi:
+
            chapAuthDiscovery:
+
            chapAuthSession:
+
            fsType:
+
            iqn:
+
            iscsiInterface:
+
            lun:
+
            portals:
+
            - [string]:
+
            readOnly:
+
            secretRef:
+
              name:
+
            targetPortal:
+
          name:
+
          nfs:
+
            path:
+
            readOnly:
+
            server:
+
          persistentVolumeClaim:
+
            claimName:
+
            readOnly:
+
          photonPersistentDisk:
+
            fsType:
+
            pdID:
+
          portworxVolume:
+
            fsType:
+
            readOnly:
+
            volumeID:
+
          projected:
+
            defaultMode:
+
            sources:
+
            - configMap:
+
            -   items:
+
            -   - key:
+
                  mode:
+
                  path:
+
                name:
+
                optional:
+
              downwardAPI:
+
                items:
+
                - fieldRef:
+
                -   apiVersion:
+
                    fieldPath:
+
                  mode:
+
                  path:
+
                  resourceFieldRef:
+
                    containerName:
+
                    divisor:
+
                    resource:
+
              secret:
+
                items:
+
                - key:
+
                  mode:
+
                  path:
+
                name:
+
                optional:
+
          quobyte:
+
            group:
+
            readOnly:
+
            registry:
+
            user:
+
            volume:
+
          rbd:
+
            fsType:
+
            image:
+
            keyring:
+
            monitors:
+
            - [string]:
+
            pool:
+
            readOnly:
+
            secretRef:
+
              name:
+
            user:
+
          scaleIO:
+
            fsType:
+
            gateway:
+
            protectionDomain:
+
            readOnly:
+
            secretRef:
+
              name:
+
            sslEnabled:
+
            storageMode:
+
            storagePool:
+
            system:
+
            volumeName:
+
          secret:
+
            defaultMode:
+
            items:
+
            - key:
+
              mode:
+
              path:
+
            optional:
+
            secretName:
+
          storageos:
+
            fsType:
+
            readOnly:
+
            secretRef:
+
              name:
+
            volumeName:
+
            volumeNamespace:
+
          vsphereVolume:
+
            fsType:
+
            storagePolicyID:
+
            storagePolicyName:
+
            volumePath:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-podsecuritypolicyreviews]] +=== Create a PodSecurityPolicyReview +Create a PodSecurityPolicyReview + +==== HTTP request +---- +POST /oapi/v1/podsecuritypolicyreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/podsecuritypolicyreviews <<'EOF' +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicyReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicyReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-podsecuritypolicyreviews]] +=== Create a PodSecurityPolicyReview in a namespace +Create a PodSecurityPolicyReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/podsecuritypolicyreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/podsecuritypolicyreviews <<'EOF' +{ + "kind": "PodSecurityPolicyReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicyReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicyReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.PodSecurityPolicySelfSubjectReview.adoc b/rest_api/oapi/v1.PodSecurityPolicySelfSubjectReview.adoc new file mode 100644 index 000000000000..83a9aacccf0f --- /dev/null +++ b/rest_api/oapi/v1.PodSecurityPolicySelfSubjectReview.adoc @@ -0,0 +1,1507 @@ += v1.PodSecurityPolicySelfSubjectReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodTemplateSpec + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
status:
+
  allowedBy:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  reason:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-podsecuritypolicyselfsubjectreviews]] +=== Create a PodSecurityPolicySelfSubjectReview +Create a PodSecurityPolicySelfSubjectReview + +==== HTTP request +---- +POST /oapi/v1/podsecuritypolicyselfsubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/podsecuritypolicyselfsubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySelfSubjectReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySelfSubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-podsecuritypolicyselfsubjectreviews]] +=== Create a PodSecurityPolicySelfSubjectReview in a namespace +Create a PodSecurityPolicySelfSubjectReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/podsecuritypolicyselfsubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/podsecuritypolicyselfsubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySelfSubjectReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySelfSubjectReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySelfSubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.PodSecurityPolicySubjectReview.adoc b/rest_api/oapi/v1.PodSecurityPolicySubjectReview.adoc new file mode 100644 index 000000000000..c6b29c83ffb7 --- /dev/null +++ b/rest_api/oapi/v1.PodSecurityPolicySubjectReview.adoc @@ -0,0 +1,1510 @@ += v1.PodSecurityPolicySubjectReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodTemplateSpec. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  groups:
+
  - [string]:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+
  user:
+
status:
+
  allowedBy:
+
    apiVersion:
+
    fieldPath:
+
    kind:
+
    name:
+
    namespace:
+
    resourceVersion:
+
    uid:
+
  reason:
+
  template:
+
    metadata:
+
      annotations:
+
        [string]:
+
      clusterName:
+
      creationTimestamp:
+
      deletionGracePeriodSeconds:
+
      deletionTimestamp:
+
      finalizers:
+
      - [string]:
+
      generateName:
+
      generation:
+
      initializers:
+
        pending:
+
        - name:
+
        result:
+
          apiVersion:
+
          code:
+
          details:
+
            causes:
+
            - field:
+
              message:
+
              reason:
+
            group:
+
            kind:
+
            name:
+
            retryAfterSeconds:
+
            uid:
+
          kind:
+
          message:
+
          metadata:
+
            resourceVersion:
+
            selfLink:
+
          reason:
+
          status:
+
      labels:
+
        [string]:
+
      name:
+
      namespace:
+
      ownerReferences:
+
      - apiVersion:
+
        blockOwnerDeletion:
+
        controller:
+
        kind:
+
        name:
+
        uid:
+
      resourceVersion:
+
      selfLink:
+
      uid:
+
    spec:
+
      activeDeadlineSeconds:
+
      affinity:
+
        nodeAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - preference:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
            nodeSelectorTerms:
+
            - matchExpressions:
+
            - - key:
+
                operator:
+
                values:
+
                - [string]:
+
        podAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
        podAntiAffinity:
+
          preferredDuringSchedulingIgnoredDuringExecution:
+
          - podAffinityTerm:
+
          -   labelSelector:
+
          -     matchExpressions:
+
          -     - key:
+
                  operator:
+
                  values:
+
                  - [string]:
+
                matchLabels:
+
                  [string]:
+
              namespaces:
+
              - [string]:
+
              topologyKey:
+
            weight:
+
          requiredDuringSchedulingIgnoredDuringExecution:
+
          - labelSelector:
+
          -   matchExpressions:
+
          -   - key:
+
                operator:
+
                values:
+
                - [string]:
+
              matchLabels:
+
                [string]:
+
            namespaces:
+
            - [string]:
+
            topologyKey:
+
      automountServiceAccountToken:
+
      containers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      dnsPolicy:
+
      hostAliases:
+
      - hostnames:
+
      - - [string]:
+
        ip:
+
      hostIPC:
+
      hostNetwork:
+
      hostPID:
+
      hostname:
+
      imagePullSecrets:
+
      - name:
+
      initContainers:
+
      - args:
+
      - - [string]:
+
        command:
+
        - [string]:
+
        env:
+
        - name:
+
          value:
+
          valueFrom:
+
            configMapKeyRef:
+
              key:
+
              name:
+
              optional:
+
            fieldRef:
+
              apiVersion:
+
              fieldPath:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
            secretKeyRef:
+
              key:
+
              name:
+
              optional:
+
        envFrom:
+
        - configMapRef:
+
        -   name:
+
            optional:
+
          prefix:
+
          secretRef:
+
            name:
+
            optional:
+
        image:
+
        imagePullPolicy:
+
        lifecycle:
+
          postStart:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
          preStop:
+
            exec:
+
              command:
+
              - [string]:
+
            httpGet:
+
              host:
+
              httpHeaders:
+
              - name:
+
                value:
+
              path:
+
              port:
+
              scheme:
+
            tcpSocket:
+
              host:
+
              port:
+
        livenessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        name:
+
        ports:
+
        - containerPort:
+
          hostIP:
+
          hostPort:
+
          name:
+
          protocol:
+
        readinessProbe:
+
          exec:
+
            command:
+
            - [string]:
+
          failureThreshold:
+
          httpGet:
+
            host:
+
            httpHeaders:
+
            - name:
+
              value:
+
            path:
+
            port:
+
            scheme:
+
          initialDelaySeconds:
+
          periodSeconds:
+
          successThreshold:
+
          tcpSocket:
+
            host:
+
            port:
+
          timeoutSeconds:
+
        resources:
+
          limits:
+
            [string]:
+
          requests:
+
            [string]:
+
        securityContext:
+
          capabilities:
+
            add:
+
            - [string]:
+
            drop:
+
            - [string]:
+
          privileged:
+
          readOnlyRootFilesystem:
+
          runAsNonRoot:
+
          runAsUser:
+
          seLinuxOptions:
+
            level:
+
            role:
+
            type:
+
            user:
+
        stdin:
+
        stdinOnce:
+
        terminationMessagePath:
+
        terminationMessagePolicy:
+
        tty:
+
        volumeMounts:
+
        - mountPath:
+
          name:
+
          readOnly:
+
          subPath:
+
        workingDir:
+
      nodeName:
+
      nodeSelector:
+
        [string]:
+
      restartPolicy:
+
      schedulerName:
+
      securityContext:
+
        fsGroup:
+
        runAsNonRoot:
+
        runAsUser:
+
        seLinuxOptions:
+
          level:
+
          role:
+
          type:
+
          user:
+
        supplementalGroups:
+
        - [integer]:
+
      serviceAccount:
+
      serviceAccountName:
+
      subdomain:
+
      terminationGracePeriodSeconds:
+
      tolerations:
+
      - effect:
+
        key:
+
        operator:
+
        tolerationSeconds:
+
        value:
+
      volumes:
+
      - awsElasticBlockStore:
+
      -   fsType:
+
          partition:
+
          readOnly:
+
          volumeID:
+
        azureDisk:
+
          cachingMode:
+
          diskName:
+
          diskURI:
+
          fsType:
+
          kind:
+
          readOnly:
+
        azureFile:
+
          readOnly:
+
          secretName:
+
          shareName:
+
        cephfs:
+
          monitors:
+
          - [string]:
+
          path:
+
          readOnly:
+
          secretFile:
+
          secretRef:
+
            name:
+
          user:
+
        cinder:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        configMap:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          name:
+
          optional:
+
        downwardAPI:
+
          defaultMode:
+
          items:
+
          - fieldRef:
+
          -   apiVersion:
+
              fieldPath:
+
            mode:
+
            path:
+
            resourceFieldRef:
+
              containerName:
+
              divisor:
+
              resource:
+
        emptyDir:
+
          medium:
+
          sizeLimit:
+
        fc:
+
          fsType:
+
          lun:
+
          readOnly:
+
          targetWWNs:
+
          - [string]:
+
        flexVolume:
+
          driver:
+
          fsType:
+
          options:
+
            [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
        flocker:
+
          datasetName:
+
          datasetUUID:
+
        gcePersistentDisk:
+
          fsType:
+
          partition:
+
          pdName:
+
          readOnly:
+
        gitRepo:
+
          directory:
+
          repository:
+
          revision:
+
        glusterfs:
+
          endpoints:
+
          path:
+
          readOnly:
+
        hostPath:
+
          path:
+
        iscsi:
+
          chapAuthDiscovery:
+
          chapAuthSession:
+
          fsType:
+
          iqn:
+
          iscsiInterface:
+
          lun:
+
          portals:
+
          - [string]:
+
          readOnly:
+
          secretRef:
+
            name:
+
          targetPortal:
+
        name:
+
        nfs:
+
          path:
+
          readOnly:
+
          server:
+
        persistentVolumeClaim:
+
          claimName:
+
          readOnly:
+
        photonPersistentDisk:
+
          fsType:
+
          pdID:
+
        portworxVolume:
+
          fsType:
+
          readOnly:
+
          volumeID:
+
        projected:
+
          defaultMode:
+
          sources:
+
          - configMap:
+
          -   items:
+
          -   - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
            downwardAPI:
+
              items:
+
              - fieldRef:
+
              -   apiVersion:
+
                  fieldPath:
+
                mode:
+
                path:
+
                resourceFieldRef:
+
                  containerName:
+
                  divisor:
+
                  resource:
+
            secret:
+
              items:
+
              - key:
+
                mode:
+
                path:
+
              name:
+
              optional:
+
        quobyte:
+
          group:
+
          readOnly:
+
          registry:
+
          user:
+
          volume:
+
        rbd:
+
          fsType:
+
          image:
+
          keyring:
+
          monitors:
+
          - [string]:
+
          pool:
+
          readOnly:
+
          secretRef:
+
            name:
+
          user:
+
        scaleIO:
+
          fsType:
+
          gateway:
+
          protectionDomain:
+
          readOnly:
+
          secretRef:
+
            name:
+
          sslEnabled:
+
          storageMode:
+
          storagePool:
+
          system:
+
          volumeName:
+
        secret:
+
          defaultMode:
+
          items:
+
          - key:
+
            mode:
+
            path:
+
          optional:
+
          secretName:
+
        storageos:
+
          fsType:
+
          readOnly:
+
          secretRef:
+
            name:
+
          volumeName:
+
          volumeNamespace:
+
        vsphereVolume:
+
          fsType:
+
          storagePolicyID:
+
          storagePolicyName:
+
          volumePath:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-podsecuritypolicysubjectreviews]] +=== Create a PodSecurityPolicySubjectReview +Create a PodSecurityPolicySubjectReview + +==== HTTP request +---- +POST /oapi/v1/podsecuritypolicysubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/podsecuritypolicysubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySubjectReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-podsecuritypolicysubjectreviews]] +=== Create a PodSecurityPolicySubjectReview in a namespace +Create a PodSecurityPolicySubjectReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/podsecuritypolicysubjectreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/podsecuritypolicysubjectreviews <<'EOF' +{ + "kind": "PodSecurityPolicySubjectReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.PodSecurityPolicySubjectReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.PodSecurityPolicySubjectReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ProcessedTemplate.adoc b/rest_api/oapi/v1.ProcessedTemplate.adoc new file mode 100644 index 000000000000..627856784083 --- /dev/null +++ b/rest_api/oapi/v1.ProcessedTemplate.adoc @@ -0,0 +1,263 @@ += v1.ProcessedTemplate +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Template contains the inputs needed to produce a Config. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
labels:
+
  [string]:
+
message:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
objects:
+
- Raw:
+
parameters:
+
- description:
+
  displayName:
+
  from:
+
  generate:
+
  name:
+
  required:
+
  value:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-processedtemplates]] +=== Create a ProcessedTemplate +Create a Template + +==== HTTP request +---- +POST /oapi/v1/processedtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/processedtemplates <<'EOF' +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-processedtemplates]] +=== Create a ProcessedTemplate in a namespace +Create a Template + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/processedtemplates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/processedtemplates <<'EOF' +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Project.adoc b/rest_api/oapi/v1.Project.adoc new file mode 100644 index 000000000000..bba0ef05f854 --- /dev/null +++ b/rest_api/oapi/v1.Project.adoc @@ -0,0 +1,604 @@ += v1.Project +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Projects are the unit of isolation and collaboration in OpenShift. A project has one or more members, a quota on the resources that the project may consume, and the security controls on the resources in the project. Within a project, members may have different roles - project administrators can set membership, editors can create and manage the resources, and viewers can see but not access running containers. In a normal cluster project administrators are not able to alter their quotas - that is restricted to cluster administrators. + +Listing or watching projects will return only projects the user has the reader role on. + +An OpenShift project is an alternative representation of a Kubernetes namespace. Projects are exposed as editable to end users while namespaces are not. Direct creation of a project is typically restricted to administrators, while end users should use the requestproject resource. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  finalizers:
+
  - [string]:
+
status:
+
  phase:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-projects]] +=== Create a Project +Create a Project + +==== HTTP request +---- +POST /oapi/v1/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Project", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/projects <<'EOF' +{ + "kind": "Project", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-projects-name]] +=== Get a Project +Read the specified Project + +==== HTTP request +---- +GET /oapi/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-projects]] +=== Get all Projects +List or watch objects of kind Project + +==== HTTP request +---- +GET /oapi/v1/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/projects +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ProjectList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-projects-name]] +=== Watch a Project +Watch changes to an object of kind Project + +==== HTTP request +---- +GET /oapi/v1/watch/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-projects]] +=== Watch all Projects +Watch individual changes to a list of Project + +==== HTTP request +---- +GET /oapi/v1/watch/projects HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/projects +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-projects-name]] +=== Update a Project +Replace the specified Project + +==== HTTP request +---- +PUT /oapi/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Project", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/projects/$NAME <<'EOF' +{ + "kind": "Project", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Project +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-projects-name]] +=== Patch a Project +Partially update the specified Project + +==== HTTP request +---- +PATCH /oapi/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/projects/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Project +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-projects-name]] +=== Delete a Project +Delete a Project + +==== HTTP request +---- +DELETE /oapi/v1/projects/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/projects/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Project +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.ProjectRequest.adoc b/rest_api/oapi/v1.ProjectRequest.adoc new file mode 100644 index 000000000000..9b7d0382a6d8 --- /dev/null +++ b/rest_api/oapi/v1.ProjectRequest.adoc @@ -0,0 +1,223 @@ += v1.ProjectRequest +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ProjecRequest is the set of options necessary to fully qualify a project request + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
description:
+
displayName:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-projectrequests]] +=== Create a ProjectRequest +Create a ProjectRequest + +==== HTTP request +---- +POST /oapi/v1/projectrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProjectRequest", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/projectrequests <<'EOF' +{ + "kind": "ProjectRequest", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ProjectRequest +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ProjectRequest +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-projectrequests]] +=== Get all ProjectRequests +List objects of kind ProjectRequest + +==== HTTP request +---- +GET /oapi/v1/projectrequests HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/projectrequests +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + + diff --git a/rest_api/oapi/v1.ResourceAccessReview.adoc b/rest_api/oapi/v1.ResourceAccessReview.adoc new file mode 100644 index 000000000000..3c6f1fea1c8b --- /dev/null +++ b/rest_api/oapi/v1.ResourceAccessReview.adoc @@ -0,0 +1,186 @@ += v1.ResourceAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
verb:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-resourceaccessreviews]] +=== Create a ResourceAccessReview +Create a ResourceAccessReview + +==== HTTP request +---- +POST /oapi/v1/resourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/resourceaccessreviews <<'EOF' +{ + "kind": "ResourceAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-resourceaccessreviews]] +=== Create a ResourceAccessReview in a namespace +Create a ResourceAccessReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/resourceaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ResourceAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/resourceaccessreviews <<'EOF' +{ + "kind": "ResourceAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.ResourceAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.ResourceAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Role.adoc b/rest_api/oapi/v1.Role.adoc new file mode 100644 index 000000000000..c37cb73f42f6 --- /dev/null +++ b/rest_api/oapi/v1.Role.adoc @@ -0,0 +1,657 @@ += v1.Role +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Role is a logical grouping of PolicyRules that can be referenced as a unit by RoleBindings. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
rules:
+
- apiGroups:
+
- - [string]:
+
  attributeRestrictions:
+
    Raw:
+
  nonResourceURLs:
+
  - [string]:
+
  resourceNames:
+
  - [string]:
+
  resources:
+
  - [string]:
+
  verbs:
+
  - [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-roles]] +=== Create a Role +Create a Role + +==== HTTP request +---- +POST /oapi/v1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-roles]] +=== Create a Role in a namespace +Create a Role + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles <<'EOF' +{ + "kind": "Role", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-roles-name]] +=== Get a Role in a namespace +Read the specified Role + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-roles]] +=== Get all Roles +List objects of kind Role + +==== HTTP request +---- +GET /oapi/v1/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/roles +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-roles]] +=== Get all Roles in a namespace +List objects of kind Role + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/roles HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-roles-name]] +=== Update a Role in a namespace +Replace the specified Role + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Role", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + "kind": "Role", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Role +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-roles-name]] +=== Patch a Role in a namespace +Partially update the specified Role + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Role +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-roles-name]] +=== Delete a Role in a namespace +Delete a Role + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/roles/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/roles/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Role +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.RoleBinding.adoc b/rest_api/oapi/v1.RoleBinding.adoc new file mode 100644 index 000000000000..3edf0c07ff35 --- /dev/null +++ b/rest_api/oapi/v1.RoleBinding.adoc @@ -0,0 +1,664 @@ += v1.RoleBinding +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +RoleBinding references a Role, but not contain it. It can reference any Role in the same namespace or in the global namespace. It adds who information via (Users and Groups) OR Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces). + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
groupNames:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
roleRef:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
subjects:
+
- apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
userNames:
+
- [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-rolebindings]] +=== Create a RoleBinding +Create a RoleBinding + +==== HTTP request +---- +POST /oapi/v1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-rolebindings]] +=== Create a RoleBinding in a namespace +Create a RoleBinding + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-rolebindings-name]] +=== Get a RoleBinding in a namespace +Read the specified RoleBinding + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-rolebindings]] +=== Get all RoleBindings +List objects of kind RoleBinding + +==== HTTP request +---- +GET /oapi/v1/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/rolebindings +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-rolebindings]] +=== Get all RoleBindings in a namespace +List objects of kind RoleBinding + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/rolebindings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-rolebindings-name]] +=== Update a RoleBinding in a namespace +Replace the specified RoleBinding + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + "kind": "RoleBinding", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBinding +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-rolebindings-name]] +=== Patch a RoleBinding in a namespace +Partially update the specified RoleBinding + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBinding +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-rolebindings-name]] +=== Delete a RoleBinding in a namespace +Delete a RoleBinding + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBinding +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.RoleBindingRestriction.adoc b/rest_api/oapi/v1.RoleBindingRestriction.adoc new file mode 100644 index 000000000000..e86416494d18 --- /dev/null +++ b/rest_api/oapi/v1.RoleBindingRestriction.adoc @@ -0,0 +1,914 @@ += v1.RoleBindingRestriction +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +RoleBindingRestriction is an object that can be matched against a subject (user, group, or service account) to determine whether rolebindings on that subject are allowed in the namespace to which the RoleBindingRestriction belongs. If any one of those RoleBindingRestriction objects matches a subject, rolebindings on that subject in the namespace are allowed. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  grouprestriction:
+
    groups:
+
    - [string]:
+
    labels:
+
    - matchExpressions:
+
    - - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
  serviceaccountrestriction:
+
    namespaces:
+
    - [string]:
+
    serviceaccounts:
+
    - name:
+
      namespace:
+
  userrestriction:
+
    groups:
+
    - [string]:
+
    labels:
+
    - matchExpressions:
+
    - - key:
+
        operator:
+
        values:
+
        - [string]:
+
      matchLabels:
+
        [string]:
+
    users:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-rolebindingrestrictions]] +=== Create a RoleBindingRestriction +Create a RoleBindingRestriction + +==== HTTP request +---- +POST /oapi/v1/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/rolebindingrestrictions <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-rolebindingrestrictions]] +=== Create a RoleBindingRestriction in a namespace +Create a RoleBindingRestriction + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Get a RoleBindingRestriction in a namespace +Read the specified RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-rolebindingrestrictions]] +=== Get all RoleBindingRestrictions +List or watch objects of kind RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/rolebindingrestrictions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestrictionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-rolebindingrestrictions]] +=== Get all RoleBindingRestrictions in a namespace +List or watch objects of kind RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestrictionList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-rolebindingrestrictions-name]] +=== Watch a RoleBindingRestriction in a namespace +Watch changes to an object of kind RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-rolebindingrestrictions]] +=== Watch all RoleBindingRestrictions +Watch individual changes to a list of RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/watch/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/rolebindingrestrictions +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-rolebindingrestrictions]] +=== Watch all RoleBindingRestrictions in a namespace +Watch individual changes to a list of RoleBindingRestriction + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Update a RoleBindingRestriction in a namespace +Replace the specified RoleBindingRestriction + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + "kind": "RoleBindingRestriction", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.RoleBindingRestriction +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Patch a RoleBindingRestriction in a namespace +Partially update the specified RoleBindingRestriction + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RoleBindingRestriction +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-rolebindingrestrictions-name]] +=== Delete a RoleBindingRestriction in a namespace +Delete a RoleBindingRestriction + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the RoleBindingRestriction +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-rolebindingrestrictions]] +=== Delete all RoleBindingRestrictions in a namespace +Delete collection of RoleBindingRestriction + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/rolebindingrestrictions +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Route.adoc b/rest_api/oapi/v1.Route.adoc new file mode 100644 index 000000000000..283cef742ca5 --- /dev/null +++ b/rest_api/oapi/v1.Route.adoc @@ -0,0 +1,1132 @@ += v1.Route +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +A route allows developers to expose services through an HTTP(S) aware load balancing and proxy layer via a public DNS entry. The route may further specify TLS options and a certificate, or specify a public CNAME that the router should also accept for HTTP and HTTPS traffic. An administrator typically configures their router to be visible outside the cluster firewall, and may also add additional security, caching, or traffic controls on the service content. Routers usually talk directly to the service endpoints. + +Once a route is created, the `host` field may not be changed. Generally, routers use the oldest route with a given host when resolving conflicts. + +Routers are subject to additional customization and may support additional controls via the annotations field. + +Because administrators may configure multiple routers, the route status field is used to return information to clients about the names and states of the route under each router. If a client chooses a duplicate name, for instance, the route status conditions are used to indicate the route cannot be chosen. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
spec:
+
  alternateBackends:
+
  - kind:
+
    name:
+
    weight:
+
  host:
+
  path:
+
  port:
+
    targetPort:
+
  tls:
+
    caCertificate:
+
    certificate:
+
    destinationCACertificate:
+
    insecureEdgeTerminationPolicy:
+
    key:
+
    termination:
+
  to:
+
    kind:
+
    name:
+
    weight:
+
  wildcardPolicy:
+
status:
+
  ingress:
+
  - conditions:
+
  - - lastTransitionTime:
+
      message:
+
      reason:
+
      status:
+
      type:
+
    host:
+
    routerCanonicalHostname:
+
    routerName:
+
    wildcardPolicy:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-routes]] +=== Create a Route +Create a Route + +==== HTTP request +---- +POST /oapi/v1/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/routes <<'EOF' +{ + "kind": "Route", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-routes]] +=== Create a Route in a namespace +Create a Route + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes <<'EOF' +{ + "kind": "Route", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-routes-name]] +=== Get a Route in a namespace +Read the specified Route + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-routes]] +=== Get all Routes +List or watch objects of kind Route + +==== HTTP request +---- +GET /oapi/v1/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/routes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RouteList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-routes]] +=== Get all Routes in a namespace +List or watch objects of kind Route + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.RouteList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-routes-name]] +=== Watch a Route in a namespace +Watch changes to an object of kind Route + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/routes/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-routes]] +=== Watch all Routes +Watch individual changes to a list of Route + +==== HTTP request +---- +GET /oapi/v1/watch/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/routes +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-routes]] +=== Watch all Routes in a namespace +Watch individual changes to a list of Route + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-routes-name]] +=== Update a Route in a namespace +Replace the specified Route + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + "kind": "Route", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-routes-name]] +=== Patch a Route in a namespace +Partially update the specified Route + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-routes-name]] +=== Delete a Route in a namespace +Delete a Route + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/routes/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-routes]] +=== Delete all Routes in a namespace +Delete collection of Route + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/routes HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-routes-name-status]] +=== Get status of a Route in a namespace +Read status of the specified Route + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-namespaces-namespace-routes-name-status]] +=== Update status of a Route in a namespace +Replace status of the specified Route + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "Route", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status <<'EOF' +{ + "kind": "Route", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Route +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-routes-name-status]] +=== Patch status of a Route in a namespace +Partially update status of the specified Route + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/routes/$NAME/status <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Route +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Route +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.SelfSubjectRulesReview.adoc b/rest_api/oapi/v1.SelfSubjectRulesReview.adoc new file mode 100644 index 000000000000..b67564b77704 --- /dev/null +++ b/rest_api/oapi/v1.SelfSubjectRulesReview.adoc @@ -0,0 +1,194 @@ += v1.SelfSubjectRulesReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  scopes:
+
  - [string]:
+
status:
+
  evaluationError:
+
  rules:
+
  - apiGroups:
+
  - - [string]:
+
    attributeRestrictions:
+
      Raw:
+
    nonResourceURLs:
+
    - [string]:
+
    resourceNames:
+
    - [string]:
+
    resources:
+
    - [string]:
+
    verbs:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-selfsubjectrulesreviews]] +=== Create a SelfSubjectRulesReview +Create a SelfSubjectRulesReview + +==== HTTP request +---- +POST /oapi/v1/selfsubjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/selfsubjectrulesreviews <<'EOF' +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SelfSubjectRulesReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SelfSubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-selfsubjectrulesreviews]] +=== Create a SelfSubjectRulesReview in a namespace +Create a SelfSubjectRulesReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/selfsubjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/selfsubjectrulesreviews <<'EOF' +{ + "kind": "SelfSubjectRulesReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SelfSubjectRulesReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SelfSubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.SubjectAccessReview.adoc b/rest_api/oapi/v1.SubjectAccessReview.adoc new file mode 100644 index 000000000000..6b3392e9b45d --- /dev/null +++ b/rest_api/oapi/v1.SubjectAccessReview.adoc @@ -0,0 +1,191 @@ += v1.SubjectAccessReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectAccessReview is an object for requesting information about whether a user or group can perform an action + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
content:
+
  Raw:
+
groups:
+
- [string]:
+
isNonResourceURL:
+
kind:
+
namespace:
+
path:
+
resource:
+
resourceAPIGroup:
+
resourceAPIVersion:
+
resourceName:
+
scopes:
+
- [string]:
+
user:
+
verb:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-subjectaccessreviews]] +=== Create a SubjectAccessReview +Create a SubjectAccessReview + +==== HTTP request +---- +POST /oapi/v1/subjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/subjectaccessreviews <<'EOF' +{ + "kind": "SubjectAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectAccessReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-subjectaccessreviews]] +=== Create a SubjectAccessReview in a namespace +Create a SubjectAccessReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/subjectaccessreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectAccessReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/subjectaccessreviews <<'EOF' +{ + "kind": "SubjectAccessReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectAccessReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectAccessReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.SubjectRulesReview.adoc b/rest_api/oapi/v1.SubjectRulesReview.adoc new file mode 100644 index 000000000000..ff61d5293e60 --- /dev/null +++ b/rest_api/oapi/v1.SubjectRulesReview.adoc @@ -0,0 +1,197 @@ += v1.SubjectRulesReview +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
spec:
+
  groups:
+
  - [string]:
+
  scopes:
+
  - [string]:
+
  user:
+
status:
+
  evaluationError:
+
  rules:
+
  - apiGroups:
+
  - - [string]:
+
    attributeRestrictions:
+
      Raw:
+
    nonResourceURLs:
+
    - [string]:
+
    resourceNames:
+
    - [string]:
+
    resources:
+
    - [string]:
+
    verbs:
+
    - [string]:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-subjectrulesreviews]] +=== Create a SubjectRulesReview +Create a SubjectRulesReview + +==== HTTP request +---- +POST /oapi/v1/subjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectRulesReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/subjectrulesreviews <<'EOF' +{ + "kind": "SubjectRulesReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectRulesReview +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-subjectrulesreviews]] +=== Create a SubjectRulesReview in a namespace +Create a SubjectRulesReview + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/subjectrulesreviews HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "SubjectRulesReview", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/subjectrulesreviews <<'EOF' +{ + "kind": "SubjectRulesReview", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.SubjectRulesReview +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.SubjectRulesReview +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.Template.adoc b/rest_api/oapi/v1.Template.adoc new file mode 100644 index 000000000000..ef05fa23f201 --- /dev/null +++ b/rest_api/oapi/v1.Template.adoc @@ -0,0 +1,902 @@ += v1.Template +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Template contains the inputs needed to produce a Config. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
kind:
+
labels:
+
  [string]:
+
message:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
objects:
+
- Raw:
+
parameters:
+
- description:
+
  displayName:
+
  from:
+
  generate:
+
  name:
+
  required:
+
  value:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-templates]] +=== Create a Template +Create a Template + +==== HTTP request +---- +POST /oapi/v1/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/templates <<'EOF' +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Post-oapi-v1-namespaces-namespace-templates]] +=== Create a Template in a namespace +Create a Template + +==== HTTP request +---- +POST /oapi/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates <<'EOF' +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-namespaces-namespace-templates-name]] +=== Get a Template in a namespace +Read the specified Template + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-templates]] +=== Get all Templates +List or watch objects of kind Template + +==== HTTP request +---- +GET /oapi/v1/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/templates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-namespaces-namespace-templates]] +=== Get all Templates in a namespace +List or watch objects of kind Template + +==== HTTP request +---- +GET /oapi/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.TemplateList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-templates-name]] +=== Watch a Template in a namespace +Watch changes to an object of kind Template + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/templates/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-templates]] +=== Watch all Templates +Watch individual changes to a list of Template + +==== HTTP request +---- +GET /oapi/v1/watch/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/templates +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-namespaces-namespace-templates]] +=== Watch all Templates in a namespace +Watch individual changes to a list of Template + +==== HTTP request +---- +GET /oapi/v1/watch/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-namespaces-namespace-templates-name]] +=== Update a Template in a namespace +Replace the specified Template + +==== HTTP request +---- +PUT /oapi/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + "kind": "ProcessedTemplate", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Template +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-namespaces-namespace-templates-name]] +=== Patch a Template in a namespace +Partially update the specified Template + +==== HTTP request +---- +PATCH /oapi/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Template +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-templates-name]] +=== Delete a Template in a namespace +Delete a Template + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/templates/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the Template +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-namespaces-namespace-templates]] +=== Delete all Templates in a namespace +Delete collection of Template + +==== HTTP request +---- +DELETE /oapi/v1/namespaces/$NAMESPACE/templates HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/templates +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|namespace|object name and auth scope, such as for teams and projects +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.User.adoc b/rest_api/oapi/v1.User.adoc new file mode 100644 index 000000000000..70a265fe9bae --- /dev/null +++ b/rest_api/oapi/v1.User.adoc @@ -0,0 +1,677 @@ += v1.User +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +Upon log in, every user of the system receives a User and Identity resource. Administrators may directly manipulate the attributes of the users for their own tracking, or set groups via the API. The user name is unique and is chosen based on the value provided by the identity provider - if a user already exists with the incoming name, the user name may have a number appended to it depending on the configuration of the system. + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
fullName:
+
groups:
+
- [string]:
+
identities:
+
- [string]:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-users]] +=== Create a User +Create an User + +==== HTTP request +---- +POST /oapi/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "User", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/users <<'EOF' +{ + "kind": "User", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-users-name]] +=== Get a User +Read the specified User + +==== HTTP request +---- +GET /oapi/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/users/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|exact|Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. +|export|Should this value be exported. Export strips fields that a user can not specify. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-users]] +=== Get all Users +List or watch objects of kind User + +==== HTTP request +---- +GET /oapi/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserList +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-users-name]] +=== Watch a User +Watch changes to an object of kind User + +==== HTTP request +---- +GET /oapi/v1/watch/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/users/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Get-oapi-v1-watch-users]] +=== Watch all Users +Watch individual changes to a list of User + +==== HTTP request +---- +GET /oapi/v1/watch/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/watch/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|pretty|If 'true', then the output is pretty printed. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.WatchEvent +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf +* application/json;stream=watch +* application/vnd.kubernetes.protobuf;stream=watch + + +[[Put-oapi-v1-users-name]] +=== Update a User +Replace the specified User + +==== HTTP request +---- +PUT /oapi/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "User", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/users/$NAME <<'EOF' +{ + "kind": "User", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.User +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-users-name]] +=== Patch a User +Partially update the specified User + +==== HTTP request +---- +PATCH /oapi/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/users/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.User +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-users-name]] +=== Delete a User +Delete an User + +==== HTTP request +---- +DELETE /oapi/v1/users/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/users/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.DeleteOptions +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the User +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|gracePeriodSeconds|The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +|orphanDependents|Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +|propagationPolicy|Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-users]] +=== Delete all Users +Delete collection of User + +==== HTTP request +---- +DELETE /oapi/v1/users HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/users +---- + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|fieldSelector|A selector to restrict the list of returned objects by their fields. Defaults to everything. +|includeUninitialized|If true, partially initialized resources are included in the response. +|labelSelector|A selector to restrict the list of returned objects by their labels. Defaults to everything. +|resourceVersion|When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. +|timeoutSeconds|Timeout for the list/watch call. +|watch|Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/oapi/v1.UserIdentityMapping.adoc b/rest_api/oapi/v1.UserIdentityMapping.adoc new file mode 100644 index 000000000000..ffc976540e9f --- /dev/null +++ b/rest_api/oapi/v1.UserIdentityMapping.adoc @@ -0,0 +1,442 @@ += v1.UserIdentityMapping +{product-author} +{product-version} +:data-uri: +:icons: +:toc: macro +:toc-title: +:toclevels: 2 + +toc::[] + +== Description +[%hardbreaks] +UserIdentityMapping maps a user to an identity + +== Object Schema +Expand or mouse-over a field for more information about it. + +++++ +
+
apiVersion:
+
identity:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+
kind:
+
metadata:
+
  annotations:
+
    [string]:
+
  clusterName:
+
  creationTimestamp:
+
  deletionGracePeriodSeconds:
+
  deletionTimestamp:
+
  finalizers:
+
  - [string]:
+
  generateName:
+
  generation:
+
  initializers:
+
    pending:
+
    - name:
+
    result:
+
      apiVersion:
+
      code:
+
      details:
+
        causes:
+
        - field:
+
          message:
+
          reason:
+
        group:
+
        kind:
+
        name:
+
        retryAfterSeconds:
+
        uid:
+
      kind:
+
      message:
+
      metadata:
+
        resourceVersion:
+
        selfLink:
+
      reason:
+
      status:
+
  labels:
+
    [string]:
+
  name:
+
  namespace:
+
  ownerReferences:
+
  - apiVersion:
+
    blockOwnerDeletion:
+
    controller:
+
    kind:
+
    name:
+
    uid:
+
  resourceVersion:
+
  selfLink:
+
  uid:
+
user:
+
  apiVersion:
+
  fieldPath:
+
  kind:
+
  name:
+
  namespace:
+
  resourceVersion:
+
  uid:
+

+
+++++ + +== Operations + +[[Post-oapi-v1-useridentitymappings]] +=== Create a UserIdentityMapping +Create an UserIdentityMapping + +==== HTTP request +---- +POST /oapi/v1/useridentitymappings HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "UserIdentityMapping", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X POST \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/useridentitymappings <<'EOF' +{ + "kind": "UserIdentityMapping", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Get-oapi-v1-useridentitymappings-name]] +=== Get a UserIdentityMapping +Read the specified UserIdentityMapping + +==== HTTP request +---- +GET /oapi/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/useridentitymappings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Put-oapi-v1-useridentitymappings-name]] +=== Update a UserIdentityMapping +Replace the specified UserIdentityMapping + +==== HTTP request +---- +PUT /oapi/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json' + +{ + "kind": "UserIdentityMapping", + "apiVersion": "v1", + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PUT \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + https://$ENDPOINT/oapi/v1/useridentitymappings/$NAME <<'EOF' +{ + "kind": "UserIdentityMapping", + "apiVersion": "v1", + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.UserIdentityMapping +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Patch-oapi-v1-useridentitymappings-name]] +=== Patch a UserIdentityMapping +Partially update the specified UserIdentityMapping + +==== HTTP request +---- +PATCH /oapi/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +Content-Type: application/json-patch+json' + +{ + ... +} + +---- + +==== Curl request +---- +$ curl -k \ + -X PATCH \ + -d @- \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json-patch+json' \ + https://$ENDPOINT/oapi/v1/useridentitymappings/$NAME <<'EOF' +{ + ... +} +EOF +---- + +==== HTTP body +[cols="1,5", options="header"] +|=== +|Parameter|Schema +|body|v1.Patch +|=== + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.UserIdentityMapping +|401 Unauthorized| +|=== + +==== Consumes + +* application/json-patch+json +* application/merge-patch+json +* application/strategic-merge-patch+json + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + +[[Delete-oapi-v1-useridentitymappings-name]] +=== Delete a UserIdentityMapping +Delete an UserIdentityMapping + +==== HTTP request +---- +DELETE /oapi/v1/useridentitymappings/$NAME HTTP/1.1 +Authorization: Bearer $TOKEN +Accept: application/json +Connection: close +---- + +==== Curl request +---- +$ curl -k \ + -X DELETE \ + -H "Authorization: Bearer $TOKEN" \ + -H 'Accept: application/json' \ + https://$ENDPOINT/oapi/v1/useridentitymappings/$NAME +---- + +==== Path parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|name|name of the UserIdentityMapping +|=== + +==== Query parameters +[cols="1,5", options="header"] +|=== +|Parameter|Description +|pretty|If 'true', then the output is pretty printed. +|=== + +==== Responses +[cols="1,5", options="header"] +|=== +|HTTP Code|Schema +|200 OK|v1.Status +|401 Unauthorized| +|=== + +==== Consumes + +* \*/* + +==== Produces + +* application/json +* application/yaml +* application/vnd.kubernetes.protobuf + + + diff --git a/rest_api/revhistory_rest_api.adoc b/rest_api/revhistory_rest_api.adoc index 63954a7c2d44..01c65878c813 100644 --- a/rest_api/revhistory_rest_api.adoc +++ b/rest_api/revhistory_rest_api.adoc @@ -7,38 +7,35 @@ :experimental: // do-release: revhist-tables -== Tue Nov 08 2016 +== Mon Sep 25 2017 -// tag::rest_api_tue_nov_08_2016[] +// tag::rest_api_mon_sep_25_2017[] [cols="1,3",options="header"] |=== |Affected Topic |Description of Change -//Tue Nov 08 2016 -|xref:../rest_api/index.adoc#rest-api-index[Overview] -|Updated the `oc whoami --token` command to show the shorter flag of `oc whoami --t`. +//Mon Sep 25 2017 +|xref:../rest_api/examples.adoc#rest-api-examples[REST API Examples] +|Added a new REST API Examples topic. |=== -// end::rest_api_tue_nov_08_2016[] -== Tue Oct 04 2016 +// end::rest_api_mon_sep_25_2017[] +== Wed Aug 09 2017 -// tag::rest_api_tue_oct_04_2016[] +{product-title} {product-version} Initial Release + +// tag::rest_api_wed_aug_09_2017[] [cols="1,3",options="header"] |=== |Affected Topic |Description of Change -//Tue Oct 04 2016 -|xref:../rest_api/index.adoc#rest-api-index[Overview] -|Updated the `oc whoami --token` command to show the shorter flag of `oc whoami --t`. - - +//Wed Aug 09 2017 +|xref:../rest_api/openshift_v1.adoc#rest-api-openshift-v1[{product-title} v1 REST API] +|Added information about allowing domain names in `EgressNetworkPolicy`. |=== -// end::rest_api_tue_oct_04_2016[] -== Thu Jun 02 2016 - -OpenShift Dedicated 3.2 initial documentation release. +// end::rest_api_wed_aug_09_2017[] From a67df7bda93e2e473b14aed283e1e2ef35b03a71 Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Fri, 8 Dec 2017 13:42:50 -0500 Subject: [PATCH 8/8] Re-add dev_guide/selector_label --- _topic_map.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/_topic_map.yml b/_topic_map.yml index 2957e48beae4..3575e37a27c9 100644 --- a/_topic_map.yml +++ b/_topic_map.yml @@ -759,6 +759,12 @@ Topics: File: volumes - Name: Using Persistent Volumes File: persistent_volumes +- Name: Storage Classes + File: storage_classes + Distros: openshift-online +- Name: Selector and Label Volume Binding + File: selector_label_volume_binding + Distros: openshift-online - Name: Executing Remote Commands File: executing_remote_commands - Name: Copying Files