ExtensionConfig
Scope: Cluster
Version: v1alpha1
ExtensionConfig is the Schema for the ExtensionConfig API.
- apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- metadata
- spec
ExtensionConfigSpec is the desired state of the ExtensionConfig
- spec.clientConfig
Required value
ClientConfig defines how to communicate with the Extension server.
- spec.clientConfig.caBundle
CABundle is a PEM encoded CA bundle which will be used to validate the Extension server’s server certificate.
- spec.clientConfig.service
Service is a reference to the Kubernetes service for the Extension server. Note: Exactly one of
url
orservice
must be specified. If the Extension server is running within a cluster, then you should useservice
.- spec.clientConfig.service.name
Required value
Name is the name of the service.
- spec.clientConfig.service.namespace
Required value
Namespace is the namespace of the service.
- spec.clientConfig.service.path
Path is an optional URL path and if present may be any string permissible in a URL. If a path is set it will be used as prefix to the hook-specific path.
- spec.clientConfig.service.port
Port is the port on the service that’s hosting the Extension server. Defaults to 443. Port should be a valid port number (1-65535, inclusive).
- spec.clientConfig.url
URL gives the location of the Extension server, in standard URL form (
scheme://host:port/path
). Note: Exactly one ofurl
orservice
must be specified. The scheme must be “https”. Thehost
should not refer to a service running in the cluster; use theservice
field instead. A path is optional, and if present may be any string permissible in a URL. If a path is set it will be used as prefix to the hook-specific path. Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed either.
- spec.namespaceSelector
NamespaceSelector decides whether to call the hook for an object based on whether the namespace for that object matches the selector. Defaults to the empty LabelSelector, which matches all objects.
- spec.namespaceSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- spec.namespaceSelector.matchExpressions.key
Required value
key is the label key that the selector applies to.
- spec.namespaceSelector.matchExpressions.operator
Required value
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- spec.namespaceSelector.matchExpressions.values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- spec.namespaceSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
- spec.settings
Settings defines key value pairs to be passed to all calls to all supported RuntimeExtensions. Note: Settings can be overridden on the ClusterClass.