Skip to content

cdk8s-plus-20 (Python)

Constructs

ConfigMap

ConfigMap holds configuration data for pods to consume.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.ConfigMap(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  binary_data: typing.Mapping[str] = None,
  data: typing.Mapping[str] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


binary_dataOptional
  • Type: typing.Mapping[str]

BinaryData contains the binary data.

Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.

You can also add binary data using configMap.addBinaryData().


dataOptional
  • Type: typing.Mapping[str]

Data contains the configuration data.

Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.

You can also add data using configMap.addData().


Methods

add_binary_data
def add_binary_data(
  key: str,
  value: str
)
keyRequired
  • Type: str

The key.


valueRequired
  • Type: str

The value.


add_data
def add_data(
  key: str,
  value: str
)
keyRequired
  • Type: str

The key.


valueRequired
  • Type: str

The value.


add_directory
def add_directory(
  local_dir: str,
  exclude: typing.List[str] = None,
  key_prefix: str = None
)
local_dirRequired
  • Type: str

A path to a local directory.


excludeOptional
  • Type: typing.List[str]
  • Default: include all files

Glob patterns to exclude when adding files.


key_prefixOptional
  • Type: str
  • Default: “”

A prefix to add to all keys in the config map.


add_file
def add_file(
  local_file: str,
  key: str = None
)
local_fileRequired
  • Type: str

The path to the local file.


keyOptional
  • Type: str

The ConfigMap key (default to the file name).


Static Functions

from_config_map_name
import cdk8s_plus_20

cdk8s_plus_20.ConfigMap.from_config_map_name(
  name: str
)
nameRequired
  • Type: str

The name of the config map to import.


Properties

binary_dataRequired
binary_data: typing.Mapping[str]
  • Type: typing.Mapping[str]

The binary data associated with this config map.

Returns a copy. To add data records, use addBinaryData() or addData().


dataRequired
data: typing.Mapping[str]
  • Type: typing.Mapping[str]

The data associated with this config map.

Returns an copy. To add data records, use addData() or addBinaryData().


Deployment

A Deployment provides declarative updates for Pods and ReplicaSets.

You describe a desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate. You can define Deployments to create new ReplicaSets, or to remove existing Deployments and adopt all their resources with new Deployments.

Note: Do not manage ReplicaSets owned by a Deployment. Consider opening an issue in the main Kubernetes repository if your use case is not covered below.

Use Case

The following are typical use cases for Deployments:

  • Create a Deployment to rollout a ReplicaSet. The ReplicaSet creates Pods in the background. Check the status of the rollout to see if it succeeds or not.
  • Declare the new state of the Pods by updating the PodTemplateSpec of the Deployment. A new ReplicaSet is created and the Deployment manages moving the Pods from the old ReplicaSet to the new one at a controlled rate. Each new ReplicaSet updates the revision of the Deployment.
  • Rollback to an earlier Deployment revision if the current state of the Deployment is not stable. Each rollback updates the revision of the Deployment.
  • Scale up the Deployment to facilitate more load.
  • Pause the Deployment to apply multiple fixes to its PodTemplateSpec and then resume it to start a new rollout.
  • Use the status of the Deployment as an indicator that a rollout has stuck.
  • Clean up older ReplicaSets that you don’t need anymore.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Deployment(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  default_selector: bool = None,
  replicas: typing.Union[int, float] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional

The pod metadata.


default_selectorOptional
  • Type: bool
  • Default: true

Automatically allocates a pod selector for this deployment.

If this is set to false you must define your selector through deployment.podMetadata.addLabel() and deployment.selectByLabel().


replicasOptional
  • Type: typing.Union[int, float]
  • Default: 1

Number of desired pods.


Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

expose_via_ingress
def expose_via_ingress(
  path: str,
  name: str = None,
  port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  service_type: ServiceType = None,
  target_port: typing.Union[int, float] = None,
  ingress: IngressV1Beta1 = None
)
pathRequired
  • Type: str

The ingress path to register under.


nameOptional
  • Type: str
  • Default: undefined Uses the system generated name.

The name of the service to expose.

This will be set on the Service.metadata and must be a DNS_LABEL


portOptional
  • Type: typing.Union[int, float]
  • Default: Copied from the container of the deployment. If a port could not be determined, throws an error.

The port that the service should serve on.


protocolOptional

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


service_typeOptional

The type of the exposed service.


target_portOptional
  • Type: typing.Union[int, float]
  • Default: The port of the first container in the deployment (ie. containers[0].port)

The port number the service will redirect to.


ingressOptional

The ingress to add rules to.


expose_via_service
def expose_via_service(
  name: str = None,
  port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  service_type: ServiceType = None,
  target_port: typing.Union[int, float] = None
)
nameOptional
  • Type: str
  • Default: undefined Uses the system generated name.

The name of the service to expose.

This will be set on the Service.metadata and must be a DNS_LABEL


portOptional
  • Type: typing.Union[int, float]
  • Default: Copied from the container of the deployment. If a port could not be determined, throws an error.

The port that the service should serve on.


protocolOptional

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


service_typeOptional

The type of the exposed service.


target_portOptional
  • Type: typing.Union[int, float]
  • Default: The port of the first container in the deployment (ie. containers[0].port)

The port number the service will redirect to.


select_by_label
def select_by_label(
  key: str,
  value: str
)
keyRequired
  • Type: str

The label key.


valueRequired
  • Type: str

The label value.


Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


label_selectorRequired
label_selector: typing.Mapping[str]
  • Type: typing.Mapping[str]

The labels this deployment will match against in order to select pods.

Returns a a copy. Use selectByLabel() to add labels.


pod_metadataRequired
pod_metadata: ApiObjectMetadataDefinition

Provides read/write access to the underlying pod metadata of the resource.


replicasRequired
replicas: typing.Union[int, float]
  • Type: typing.Union[int, float]

Number of desired pods.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


IngressV1Beta1

Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend.

An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.IngressV1Beta1(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  default_backend: IngressV1Beta1Backend = None,
  rules: typing.List[IngressV1Beta1Rule] = None,
  tls: typing.List[IngressV1Beta1Tls] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


default_backendOptional

The default backend services requests that do not match any rule.

Using this option or the addDefaultBackend() method is equivalent to adding a rule with both path and host undefined.


rulesOptional

Routing rules for this ingress.

Each rule must define an IngressBackend that will receive the requests that match this rule. If both host and path are not specifiec, this backend will be used as the default backend of the ingress.

You can also add rules later using addRule(), addHostRule(), addDefaultBackend() and addHostDefaultBackend().


tlsOptional

TLS settings for this ingress.

Using this option tells the ingress controller to expose a TLS endpoint. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.


Methods

add_default_backend
def add_default_backend(
  backend: IngressV1Beta1Backend
)
backendRequired

The backend to use for requests that do not match any rule.


add_host_default_backend
def add_host_default_backend(
  host: str,
  backend: IngressV1Beta1Backend
)
hostRequired
  • Type: str

The host name to match.


backendRequired

The backend to route to.


add_host_rule
def add_host_rule(
  host: str,
  path: str,
  backend: IngressV1Beta1Backend
)
hostRequired
  • Type: str

The host name.


pathRequired
  • Type: str

The HTTP path.


backendRequired

The backend to route requests to.


add_rule
def add_rule(
  path: str,
  backend: IngressV1Beta1Backend
)
pathRequired
  • Type: str

The HTTP path.


backendRequired

The backend to route requests to.


add_rules
def add_rules(
  backend: IngressV1Beta1Backend,
  host: str = None,
  path: str = None
)
backendRequired

Backend defines the referenced service endpoint to which the traffic will be forwarded to.


hostOptional
  • Type: str
  • Default: If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.

Host is the fully qualified domain name of a network host, as defined by RFC 3986.

Note the following deviations from the “host” part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The : delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue.


pathOptional
  • Type: str
  • Default: If unspecified, the path defaults to a catch all sending traffic to the backend.

Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional “path” part of a URL as defined by RFC 3986. Paths must begin with a ‘/’.


add_tls
def add_tls(
  tls: typing.List[IngressV1Beta1Tls]
)
tlsRequired

Job

A Job creates one or more Pods and ensures that a specified number of them successfully terminate.

As pods successfully complete, the Job tracks the successful completions. When a specified number of successful completions is reached, the task (ie, Job) is complete. Deleting a Job will clean up the Pods it created. A simple case is to create one Job object in order to reliably run one Pod to completion. The Job object will start a new Pod if the first Pod fails or is deleted (for example due to a node hardware failure or a node reboot). You can also use a Job to run multiple Pods in parallel.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Job(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  active_deadline: Duration = None,
  backoff_limit: typing.Union[int, float] = None,
  ttl_after_finished: Duration = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional

The pod metadata.


active_deadlineOptional

Specifies the duration the job may be active before the system tries to terminate it.


backoff_limitOptional
  • Type: typing.Union[int, float]
  • Default: If not set, system defaults to 6.

Specifies the number of retries before marking this job failed.


ttl_after_finishedOptional
  • Type: cdk8s.Duration
  • Default: If this field is unset, the Job won’t be automatically deleted.

Limits the lifetime of a Job that has finished execution (either Complete or Failed).

If this field is set, after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature.


Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


pod_metadataRequired
pod_metadata: ApiObjectMetadataDefinition

Provides read/write access to the underlying pod metadata of the resource.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


active_deadlineOptional
active_deadline: Duration

Duration before job is terminated.

If undefined, there is no deadline.


backoff_limitOptional
backoff_limit: typing.Union[int, float]
  • Type: typing.Union[int, float]

Number of retries before marking failed.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


ttl_after_finishedOptional
ttl_after_finished: Duration

TTL before the job is deleted after it is finished.


Pod

Pod is a collection of containers that can run on a host.

This resource is created by clients and scheduled onto hosts.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Pod(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


Resource

Base class for all Kubernetes objects in stdk8s.

Represents a single resource.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Resource(
  scope: Construct,
  id: str,
  node_factory: INodeFactory = None
)
scopeRequired

The scope in which to define this construct.


idRequired
  • Type: str

The scoped construct ID.

Must be unique amongst siblings. If the ID includes a path separator (/), then it will be replaced by double dash --.


node_factoryOptional

A factory for attaching Nodes to the construct.


Properties

metadataRequired
metadata: ApiObjectMetadataDefinition

nameRequired
name: str
  • Type: str

The name of this API object.


Secret

Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.

Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition or in a container image.

https://kubernetes.io/docs/concepts/configuration/secret

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Secret(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  string_data: typing.Mapping[str] = None,
  type: str = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


string_dataOptional
  • Type: typing.Mapping[str]

stringData allows specifying non-binary secret data in string form.

It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.


typeOptional
  • Type: str
  • Default: undefined - Don’t set a type.

Optional type associated with the secret.

Used to facilitate programmatic handling of secret data by various controllers.


Methods

add_string_data
def add_string_data(
  key: str,
  value: str
)
keyRequired
  • Type: str

Key.


valueRequired
  • Type: str

Value.


get_string_data
def get_string_data(
  key: str
)
keyRequired
  • Type: str

Key.


Static Functions

from_secret_name
import cdk8s_plus_20

cdk8s_plus_20.Secret.from_secret_name(
  name: str
)
nameRequired
  • Type: str

The name of the secret to reference.


Service

An abstract way to expose an application running on a set of Pods as a network service.

With Kubernetes you don’t need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.

For example, consider a stateless image-processing backend which is running with 3 replicas. Those replicas are fungible—frontends do not care which backend they use. While the actual Pods that compose the backend set may change, the frontend clients should not need to be aware of that, nor should they need to keep track of the set of backends themselves. The Service abstraction enables this decoupling.

If you’re able to use Kubernetes APIs for service discovery in your application, you can query the API server for Endpoints, that get updated whenever the set of Pods in a Service changes. For non-native applications, Kubernetes offers ways to place a network port or load balancer in between your application and the backend Pods.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Service(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  cluster_i_p: str = None,
  external_i_ps: typing.List[str] = None,
  external_name: str = None,
  load_balancer_source_ranges: typing.List[str] = None,
  ports: typing.List[ServicePort] = None,
  type: ServiceType = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


cluster_i_pOptional
  • Type: str
  • Default: Automatically assigned.

The IP address of the service and is usually assigned randomly by the master.

If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are “None”, empty string (“”), or a valid IP address. “None” can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName.

https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies


external_i_psOptional
  • Type: typing.List[str]
  • Default: No external IPs.

A list of IP addresses for which nodes in the cluster will also accept traffic for this service.

These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.


external_nameOptional
  • Type: str
  • Default: No external name.

The externalName to be used when ServiceType.EXTERNAL_NAME is set.


load_balancer_source_rangesOptional
  • Type: typing.List[str]

A list of CIDR IP addresses, if specified and supported by the platform, will restrict traffic through the cloud-provider load-balancer to the specified client IPs.

More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/


portsOptional

The port exposed by this service.

More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies


typeOptional

Determines how the Service is exposed.

More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types


Methods

add_deployment
def add_deployment(
  deployment: Deployment,
  name: str = None,
  node_port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  target_port: typing.Union[int, float] = None,
  port: typing.Union[int, float] = None
)
deploymentRequired

The deployment to expose.


nameOptional
  • Type: str

The name of this port within the service.

This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.


node_portOptional
  • Type: typing.Union[int, float]
  • Default: auto-allocate a port if the ServiceType of this Service requires one.

The port on each node on which this service is exposed when type=NodePort or LoadBalancer.

Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport


protocolOptional

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


target_portOptional
  • Type: typing.Union[int, float]
  • Default: The value of port will be used.

The port number the service will redirect to.


portOptional
  • Type: typing.Union[int, float]
  • Default: Copied from the first container of the deployment.

The port number the service will bind to.


add_selector
def add_selector(
  label: str,
  value: str
)
labelRequired
  • Type: str

The label key.


valueRequired
  • Type: str

The label value.


expose_via_ingress
def expose_via_ingress(
  path: str,
  ingress: IngressV1Beta1 = None
)
pathRequired
  • Type: str

The path to expose the service under.


ingressOptional

The ingress to add rules to.


serve
def serve(
  port: typing.Union[int, float],
  name: str = None,
  node_port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  target_port: typing.Union[int, float] = None
)
portRequired
  • Type: typing.Union[int, float]

The port definition.


nameOptional
  • Type: str

The name of this port within the service.

This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.


node_portOptional
  • Type: typing.Union[int, float]
  • Default: auto-allocate a port if the ServiceType of this Service requires one.

The port on each node on which this service is exposed when type=NodePort or LoadBalancer.

Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport


protocolOptional

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


target_portOptional
  • Type: typing.Union[int, float]
  • Default: The value of port will be used.

The port number the service will redirect to.


Properties

portsRequired
ports: typing.List[ServicePort]

Ports for this service.

Use serve() to expose additional service ports.


selectorRequired
selector: typing.Mapping[str]
  • Type: typing.Mapping[str]

Returns the labels which are used to select pods for this service.


typeRequired
type: ServiceType

Determines how the Service is exposed.


cluster_i_pOptional
cluster_i_p: str
  • Type: str

The IP address of the service and is usually assigned randomly by the master.


external_nameOptional
external_name: str
  • Type: str

The externalName to be used for EXTERNAL_NAME types.


ServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account

Initializers

import cdk8s_plus_20

cdk8s_plus_20.ServiceAccount(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  secrets: typing.List[ISecret] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


secretsOptional

List of secrets allowed to be used by pods running using this ServiceAccount.

https://kubernetes.io/docs/concepts/configuration/secret


Methods

add_secret
def add_secret(
  secret: ISecret
)
secretRequired

The secret.


Static Functions

from_service_account_name
import cdk8s_plus_20

cdk8s_plus_20.ServiceAccount.from_service_account_name(
  name: str
)
nameRequired
  • Type: str

The name of the service account resource.


Properties

secretsRequired
secrets: typing.List[ISecret]

List of secrets allowed to be used by pods running using this service account.

Returns a copy. To add a secret, use addSecret().


StatefulSet

StatefulSet is the workload API object used to manage stateful applications.

Manages the deployment and scaling of a set of Pods, and provides guarantees about the ordering and uniqueness of these Pods.

Like a Deployment, a StatefulSet manages Pods that are based on an identical container spec. Unlike a Deployment, a StatefulSet maintains a sticky identity for each of their Pods. These pods are created from the same spec, but are not interchangeable: each has a persistent identifier that it maintains across any rescheduling.

If you want to use storage volumes to provide persistence for your workload, you can use a StatefulSet as part of the solution. Although individual Pods in a StatefulSet are susceptible to failure, the persistent Pod identifiers make it easier to match existing volumes to the new Pods that replace any that have failed.

Using StatefulSets

StatefulSets are valuable for applications that require one or more of the following.

  • Stable, unique network identifiers.
  • Stable, persistent storage.
  • Ordered, graceful deployment and scaling.
  • Ordered, automated rolling updates.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.StatefulSet(
  scope: Construct,
  id: str,
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  service: Service,
  default_selector: bool = None,
  pod_management_policy: PodManagementPolicy = None,
  replicas: typing.Union[int, float] = None
)
scopeRequired

idRequired
  • Type: str

metadataOptional

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional

The pod metadata.


serviceRequired

Service to associate with the statefulset.


default_selectorOptional
  • Type: bool
  • Default: true

Automatically allocates a pod selector for this statefulset.

If this is set to false you must define your selector through statefulset.podMetadata.addLabel() and statefulset.selectByLabel().


pod_management_policyOptional

Pod management policy to use for this statefulset.


replicasOptional
  • Type: typing.Union[int, float]
  • Default: 1

Number of desired pods.


Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

select_by_label
def select_by_label(
  key: str,
  value: str
)
keyRequired
  • Type: str

The label key.


valueRequired
  • Type: str

The label value.


Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


label_selectorRequired
label_selector: typing.Mapping[str]
  • Type: typing.Mapping[str]

The labels this statefulset will match against in order to select pods.

Returns a a copy. Use selectByLabel() to add labels.


pod_management_policyRequired
pod_management_policy: PodManagementPolicy

Management policy to use for the set.


pod_metadataRequired
pod_metadata: ApiObjectMetadataDefinition

Provides read/write access to the underlying pod metadata of the resource.


replicasRequired
replicas: typing.Union[int, float]
  • Type: typing.Union[int, float]

Number of desired pods.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


Structs

AddDeploymentOptions

Options to add a deployment to a service.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.AddDeploymentOptions(
  name: str = None,
  node_port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  target_port: typing.Union[int, float] = None,
  port: typing.Union[int, float] = None
)
nameOptional
name: str
  • Type: str

The name of this port within the service.

This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.


node_portOptional
node_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: auto-allocate a port if the ServiceType of this Service requires one.

The port on each node on which this service is exposed when type=NodePort or LoadBalancer.

Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport


protocolOptional
protocol: Protocol

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


target_portOptional
target_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: The value of port will be used.

The port number the service will redirect to.


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: Copied from the first container of the deployment.

The port number the service will bind to.


AddDirectoryOptions

Options for configmap.addDirectory().

Initializer

import cdk8s_plus_20

cdk8s_plus_20.AddDirectoryOptions(
  exclude: typing.List[str] = None,
  key_prefix: str = None
)
excludeOptional
exclude: typing.List[str]
  • Type: typing.List[str]
  • Default: include all files

Glob patterns to exclude when adding files.


key_prefixOptional
key_prefix: str
  • Type: str
  • Default: “”

A prefix to add to all keys in the config map.


CommandProbeOptions

Options for Probe.fromCommand().

Initializer

import cdk8s_plus_20

cdk8s_plus_20.CommandProbeOptions(
  failure_threshold: typing.Union[int, float] = None,
  initial_delay_seconds: Duration = None,
  period_seconds: Duration = None,
  success_threshold: typing.Union[int, float] = None,
  timeout_seconds: Duration = None
)
failure_thresholdOptional
failure_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 3

Minimum consecutive failures for the probe to be considered failed after having succeeded.

Defaults to 3. Minimum value is 1.


initial_delay_secondsOptional
initial_delay_seconds: Duration

Number of seconds after the container has started before liveness probes are initiated.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


period_secondsOptional
period_seconds: Duration
  • Type: cdk8s.Duration
  • Default: Duration.seconds(10) Minimum value is 1.

How often (in seconds) to perform the probe.

Default to 10 seconds. Minimum value is 1.


success_thresholdOptional
success_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 1 Must be 1 for liveness and startup. Minimum value is 1.

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.

Must be 1 for liveness and startup. Minimum value is 1.


timeout_secondsOptional
timeout_seconds: Duration

Number of seconds after which the probe times out.

Defaults to 1 second. Minimum value is 1.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


ConfigMapProps

Properties for initialization of ConfigMap.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ConfigMapProps(
  metadata: ApiObjectMetadata = None,
  binary_data: typing.Mapping[str] = None,
  data: typing.Mapping[str] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


binary_dataOptional
binary_data: typing.Mapping[str]
  • Type: typing.Mapping[str]

BinaryData contains the binary data.

Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.

You can also add binary data using configMap.addBinaryData().


dataOptional
data: typing.Mapping[str]
  • Type: typing.Mapping[str]

Data contains the configuration data.

Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.

You can also add data using configMap.addData().


ConfigMapVolumeOptions

Options for the ConfigMap-based volume.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ConfigMapVolumeOptions(
  default_mode: typing.Union[int, float] = None,
  items: typing.Mapping[PathMapping] = None,
  name: str = None,
  optional: bool = None
)
default_modeOptional
default_mode: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

Mode bits to use on created files by default.

Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.


itemsOptional
items: typing.Mapping[PathMapping]

If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value.

If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.


nameOptional
name: str
  • Type: str
  • Default: auto-generated

The volume name.


optionalOptional
optional: bool
  • Type: bool
  • Default: undocumented

Specify whether the ConfigMap or its keys must be defined.


ContainerProps

Properties for creating a container.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ContainerProps(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
image: str
  • Type: str

Docker image name.


argsOptional
args: typing.List[str]
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
command: typing.List[str]
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional
env: typing.Mapping[EnvValue]

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional
image_pull_policy: ImagePullPolicy

Image pull policy for this container.


livenessOptional
liveness: Probe

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
name: str
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional
readiness: Probe

Determines when the container is ready to serve traffic.


startupOptional
startup: Probe

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional
volume_mounts: typing.List[VolumeMount]

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
working_dir: str
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


DeploymentProps

Properties for initialization of Deployment.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.DeploymentProps(
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  default_selector: bool = None,
  replicas: typing.Union[int, float] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional
pod_metadata: ApiObjectMetadata

The pod metadata.


default_selectorOptional
default_selector: bool
  • Type: bool
  • Default: true

Automatically allocates a pod selector for this deployment.

If this is set to false you must define your selector through deployment.podMetadata.addLabel() and deployment.selectByLabel().


replicasOptional
replicas: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 1

Number of desired pods.


EmptyDirVolumeOptions

Options for volumes populated with an empty directory.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.EmptyDirVolumeOptions(
  medium: EmptyDirMedium = None,
  size_limit: Size = None
)
mediumOptional
medium: EmptyDirMedium

By default, emptyDir volumes are stored on whatever medium is backing the node - that might be disk or SSD or network storage, depending on your environment.

However, you can set the emptyDir.medium field to EmptyDirMedium.MEMORY to tell Kubernetes to mount a tmpfs (RAM-backed filesystem) for you instead. While tmpfs is very fast, be aware that unlike disks, tmpfs is cleared on node reboot and any files you write will count against your Container’s memory limit.


size_limitOptional
size_limit: Size

Total amount of local storage required for this EmptyDir volume.

The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod.


EnvValueFromConfigMapOptions

Options to specify an envionment variable value from a ConfigMap key.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.EnvValueFromConfigMapOptions(
  optional: bool = None
)
optionalOptional
optional: bool
  • Type: bool
  • Default: false

Specify whether the ConfigMap or its key must be defined.


EnvValueFromProcessOptions

Options to specify an environment variable value from the process environment.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.EnvValueFromProcessOptions(
  required: bool = None
)
requiredOptional
required: bool
  • Type: bool
  • Default: false

Specify whether the key must exist in the environment.

If this is set to true, and the key does not exist, an error will thrown.


EnvValueFromSecretOptions

Options to specify an environment variable value from a Secret.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.EnvValueFromSecretOptions(
  optional: bool = None
)
optionalOptional
optional: bool
  • Type: bool
  • Default: false

Specify whether the Secret or its key must be defined.


ExposeDeploymentViaIngressOptions

Options for exposing a deployment via an ingress.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ExposeDeploymentViaIngressOptions(
  name: str = None,
  port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  service_type: ServiceType = None,
  target_port: typing.Union[int, float] = None,
  ingress: IngressV1Beta1 = None
)
nameOptional
name: str
  • Type: str
  • Default: undefined Uses the system generated name.

The name of the service to expose.

This will be set on the Service.metadata and must be a DNS_LABEL


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: Copied from the container of the deployment. If a port could not be determined, throws an error.

The port that the service should serve on.


protocolOptional
protocol: Protocol

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


service_typeOptional
service_type: ServiceType

The type of the exposed service.


target_portOptional
target_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: The port of the first container in the deployment (ie. containers[0].port)

The port number the service will redirect to.


ingressOptional
ingress: IngressV1Beta1

The ingress to add rules to.


ExposeDeploymentViaServiceOptions

Options for exposing a deployment via a service.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ExposeDeploymentViaServiceOptions(
  name: str = None,
  port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  service_type: ServiceType = None,
  target_port: typing.Union[int, float] = None
)
nameOptional
name: str
  • Type: str
  • Default: undefined Uses the system generated name.

The name of the service to expose.

This will be set on the Service.metadata and must be a DNS_LABEL


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: Copied from the container of the deployment. If a port could not be determined, throws an error.

The port that the service should serve on.


protocolOptional
protocol: Protocol

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


service_typeOptional
service_type: ServiceType

The type of the exposed service.


target_portOptional
target_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: The port of the first container in the deployment (ie. containers[0].port)

The port number the service will redirect to.


ExposeServiceViaIngressOptions

Options for exposing a service using an ingress.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ExposeServiceViaIngressOptions(
  ingress: IngressV1Beta1 = None
)
ingressOptional
ingress: IngressV1Beta1

The ingress to add rules to.


HttpGetProbeOptions

Options for Probe.fromHttpGet().

Initializer

import cdk8s_plus_20

cdk8s_plus_20.HttpGetProbeOptions(
  failure_threshold: typing.Union[int, float] = None,
  initial_delay_seconds: Duration = None,
  period_seconds: Duration = None,
  success_threshold: typing.Union[int, float] = None,
  timeout_seconds: Duration = None,
  port: typing.Union[int, float] = None
)
failure_thresholdOptional
failure_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 3

Minimum consecutive failures for the probe to be considered failed after having succeeded.

Defaults to 3. Minimum value is 1.


initial_delay_secondsOptional
initial_delay_seconds: Duration

Number of seconds after the container has started before liveness probes are initiated.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


period_secondsOptional
period_seconds: Duration
  • Type: cdk8s.Duration
  • Default: Duration.seconds(10) Minimum value is 1.

How often (in seconds) to perform the probe.

Default to 10 seconds. Minimum value is 1.


success_thresholdOptional
success_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 1 Must be 1 for liveness and startup. Minimum value is 1.

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.

Must be 1 for liveness and startup. Minimum value is 1.


timeout_secondsOptional
timeout_seconds: Duration

Number of seconds after which the probe times out.

Defaults to 1 second. Minimum value is 1.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: defaults to container.port.

The TCP port to use when sending the GET request.


IngressV1Beta1Props

Properties for Ingress.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.IngressV1Beta1Props(
  metadata: ApiObjectMetadata = None,
  default_backend: IngressV1Beta1Backend = None,
  rules: typing.List[IngressV1Beta1Rule] = None,
  tls: typing.List[IngressV1Beta1Tls] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


default_backendOptional
default_backend: IngressV1Beta1Backend

The default backend services requests that do not match any rule.

Using this option or the addDefaultBackend() method is equivalent to adding a rule with both path and host undefined.


rulesOptional
rules: typing.List[IngressV1Beta1Rule]

Routing rules for this ingress.

Each rule must define an IngressBackend that will receive the requests that match this rule. If both host and path are not specifiec, this backend will be used as the default backend of the ingress.

You can also add rules later using addRule(), addHostRule(), addDefaultBackend() and addHostDefaultBackend().


tlsOptional
tls: typing.List[IngressV1Beta1Tls]

TLS settings for this ingress.

Using this option tells the ingress controller to expose a TLS endpoint. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.


IngressV1Beta1Rule

Represents the rules mapping the paths under a specified host to the related backend services.

Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching path.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.IngressV1Beta1Rule(
  backend: IngressV1Beta1Backend,
  host: str = None,
  path: str = None
)
backendRequired
backend: IngressV1Beta1Backend

Backend defines the referenced service endpoint to which the traffic will be forwarded to.


hostOptional
host: str
  • Type: str
  • Default: If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.

Host is the fully qualified domain name of a network host, as defined by RFC 3986.

Note the following deviations from the “host” part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The : delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue.


pathOptional
path: str
  • Type: str
  • Default: If unspecified, the path defaults to a catch all sending traffic to the backend.

Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional “path” part of a URL as defined by RFC 3986. Paths must begin with a ‘/’.


IngressV1Beta1Tls

Represents the TLS configuration mapping that is passed to the ingress controller for SSL termination.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.IngressV1Beta1Tls(
  hosts: typing.List[str] = None,
  secret: ISecret = None
)
hostsOptional
hosts: typing.List[str]
  • Type: typing.List[str]
  • Default: If unspecified, it defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress.

Hosts are a list of hosts included in the TLS certificate.

The values in this list must match the name/s used in the TLS Secret.


secretOptional
secret: ISecret

Secret is the secret that contains the certificate and key used to terminate SSL traffic on 443.

If the SNI host in a listener conflicts with the “Host” header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.


JobProps

Properties for initialization of Job.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.JobProps(
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  active_deadline: Duration = None,
  backoff_limit: typing.Union[int, float] = None,
  ttl_after_finished: Duration = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional
pod_metadata: ApiObjectMetadata

The pod metadata.


active_deadlineOptional
active_deadline: Duration

Specifies the duration the job may be active before the system tries to terminate it.


backoff_limitOptional
backoff_limit: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: If not set, system defaults to 6.

Specifies the number of retries before marking this job failed.


ttl_after_finishedOptional
ttl_after_finished: Duration
  • Type: cdk8s.Duration
  • Default: If this field is unset, the Job won’t be automatically deleted.

Limits the lifetime of a Job that has finished execution (either Complete or Failed).

If this field is set, after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature.


MountOptions

Options for mounts.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.MountOptions(
  propagation: MountPropagation = None,
  read_only: bool = None,
  sub_path: str = None,
  sub_path_expr: str = None
)
propagationOptional
propagation: MountPropagation

Determines how mounts are propagated from the host to container and the other way around.

When not set, MountPropagationNone is used.

Mount propagation allows for sharing volumes mounted by a Container to other Containers in the same Pod, or even to other Pods on the same node.

This field is beta in 1.10.


read_onlyOptional
read_only: bool
  • Type: bool
  • Default: false

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.


sub_pathOptional
sub_path: str
  • Type: str
  • Default: “” the volume’s root

Path within the volume from which the container’s volume should be mounted.).


sub_path_exprOptional
sub_path_expr: str
  • Type: str
  • Default: “” volume’s root.

Expanded path within the volume from which the container’s volume should be mounted.

Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to “” (volume’s root). SubPathExpr and SubPath are mutually exclusive. This field is beta in 1.15.

subPathExpr and subPath are mutually exclusive. This field is beta in 1.15.


PathMapping

Maps a string key to a path within a volume.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.PathMapping(
  path: str,
  mode: typing.Union[int, float] = None
)
pathRequired
path: str
  • Type: str

The relative path of the file to map the key to.

May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.


modeOptional
mode: typing.Union[int, float]
  • Type: typing.Union[int, float]

Optional: mode bits to use on this file, must be a value between 0 and 0777.

If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.


PodProps

Properties for initialization of Pod.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.PodProps(
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


PodSpecProps

Properties of a PodSpec.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.PodSpecProps(
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None
)
containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


PodTemplateProps

Properties of a PodTemplate.

Adds metadata information on top of the spec.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.PodTemplateProps(
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None
)
containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional
pod_metadata: ApiObjectMetadata

The pod metadata.


ProbeOptions

Probe options.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ProbeOptions(
  failure_threshold: typing.Union[int, float] = None,
  initial_delay_seconds: Duration = None,
  period_seconds: Duration = None,
  success_threshold: typing.Union[int, float] = None,
  timeout_seconds: Duration = None
)
failure_thresholdOptional
failure_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 3

Minimum consecutive failures for the probe to be considered failed after having succeeded.

Defaults to 3. Minimum value is 1.


initial_delay_secondsOptional
initial_delay_seconds: Duration

Number of seconds after the container has started before liveness probes are initiated.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


period_secondsOptional
period_seconds: Duration
  • Type: cdk8s.Duration
  • Default: Duration.seconds(10) Minimum value is 1.

How often (in seconds) to perform the probe.

Default to 10 seconds. Minimum value is 1.


success_thresholdOptional
success_threshold: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 1 Must be 1 for liveness and startup. Minimum value is 1.

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.

Must be 1 for liveness and startup. Minimum value is 1.


timeout_secondsOptional
timeout_seconds: Duration

Number of seconds after which the probe times out.

Defaults to 1 second. Minimum value is 1.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


ResourceProps

Initialization properties for resources.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ResourceProps(
  metadata: ApiObjectMetadata = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


SecretProps

Initializer

import cdk8s_plus_20

cdk8s_plus_20.SecretProps(
  metadata: ApiObjectMetadata = None,
  string_data: typing.Mapping[str] = None,
  type: str = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


string_dataOptional
string_data: typing.Mapping[str]
  • Type: typing.Mapping[str]

stringData allows specifying non-binary secret data in string form.

It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.


typeOptional
type: str
  • Type: str
  • Default: undefined - Don’t set a type.

Optional type associated with the secret.

Used to facilitate programmatic handling of secret data by various controllers.


SecretValue

Represents a specific value in JSON secret.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.SecretValue(
  key: str,
  secret: ISecret
)
keyRequired
key: str
  • Type: str

The JSON key.


secretRequired
secret: ISecret

The secret.


ServiceAccountProps

Properties for initialization of ServiceAccount.

Properties for initialization of ServiceAccount.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ServiceAccountProps(
  metadata: ApiObjectMetadata = None,
  secrets: typing.List[ISecret] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


secretsOptional
secrets: typing.List[ISecret]

List of secrets allowed to be used by pods running using this ServiceAccount.

https://kubernetes.io/docs/concepts/configuration/secret


ServiceIngressV1BetaBackendOptions

Options for setting up backends for ingress rules.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ServiceIngressV1BetaBackendOptions(
  port: typing.Union[int, float] = None
)
portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: if the service exposes a single port, this port will be used.

The port to use to access the service.

This option will fail if the service does not expose any ports. - If the service exposes multiple ports, this option must be specified. - If the service exposes a single port, this option is optional and if specified, it must be the same port exposed by the service.


ServicePort

Definition of a service port.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ServicePort(
  name: str = None,
  node_port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  target_port: typing.Union[int, float] = None,
  port: typing.Union[int, float]
)
nameOptional
name: str
  • Type: str

The name of this port within the service.

This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.


node_portOptional
node_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: auto-allocate a port if the ServiceType of this Service requires one.

The port on each node on which this service is exposed when type=NodePort or LoadBalancer.

Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport


protocolOptional
protocol: Protocol

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


target_portOptional
target_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: The value of port will be used.

The port number the service will redirect to.


portRequired
port: typing.Union[int, float]
  • Type: typing.Union[int, float]

The port number the service will bind to.


ServicePortOptions

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ServicePortOptions(
  name: str = None,
  node_port: typing.Union[int, float] = None,
  protocol: Protocol = None,
  target_port: typing.Union[int, float] = None
)
nameOptional
name: str
  • Type: str

The name of this port within the service.

This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.


node_portOptional
node_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: auto-allocate a port if the ServiceType of this Service requires one.

The port on each node on which this service is exposed when type=NodePort or LoadBalancer.

Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport


protocolOptional
protocol: Protocol

The IP protocol for this port.

Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.


target_portOptional
target_port: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: The value of port will be used.

The port number the service will redirect to.


ServiceProps

Properties for initialization of Service.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.ServiceProps(
  metadata: ApiObjectMetadata = None,
  cluster_i_p: str = None,
  external_i_ps: typing.List[str] = None,
  external_name: str = None,
  load_balancer_source_ranges: typing.List[str] = None,
  ports: typing.List[ServicePort] = None,
  type: ServiceType = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


cluster_i_pOptional
cluster_i_p: str
  • Type: str
  • Default: Automatically assigned.

The IP address of the service and is usually assigned randomly by the master.

If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are “None”, empty string (“”), or a valid IP address. “None” can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName.

https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies


external_i_psOptional
external_i_ps: typing.List[str]
  • Type: typing.List[str]
  • Default: No external IPs.

A list of IP addresses for which nodes in the cluster will also accept traffic for this service.

These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.


external_nameOptional
external_name: str
  • Type: str
  • Default: No external name.

The externalName to be used when ServiceType.EXTERNAL_NAME is set.


load_balancer_source_rangesOptional
load_balancer_source_ranges: typing.List[str]
  • Type: typing.List[str]

A list of CIDR IP addresses, if specified and supported by the platform, will restrict traffic through the cloud-provider load-balancer to the specified client IPs.

More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/


portsOptional
ports: typing.List[ServicePort]

The port exposed by this service.

More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies


typeOptional
type: ServiceType

Determines how the Service is exposed.

More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types


StatefulSetProps

Properties for initialization of StatefulSet.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.StatefulSetProps(
  metadata: ApiObjectMetadata = None,
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None,
  service: Service,
  default_selector: bool = None,
  pod_management_policy: PodManagementPolicy = None,
  replicas: typing.Union[int, float] = None
)
metadataOptional
metadata: ApiObjectMetadata

Metadata that all persisted resources must have, which includes all objects users must create.


containersOptional
containers: typing.List[ContainerProps]

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional
service_account: IServiceAccount

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional
volumes: typing.List[Volume]

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional
pod_metadata: ApiObjectMetadata

The pod metadata.


serviceRequired
service: Service

Service to associate with the statefulset.


default_selectorOptional
default_selector: bool
  • Type: bool
  • Default: true

Automatically allocates a pod selector for this statefulset.

If this is set to false you must define your selector through statefulset.podMetadata.addLabel() and statefulset.selectByLabel().


pod_management_policyOptional
pod_management_policy: PodManagementPolicy

Pod management policy to use for this statefulset.


replicasOptional
replicas: typing.Union[int, float]
  • Type: typing.Union[int, float]
  • Default: 1

Number of desired pods.


VolumeMount

Mount a volume from the pod to the container.

Initializer

import cdk8s_plus_20

cdk8s_plus_20.VolumeMount(
  propagation: MountPropagation = None,
  read_only: bool = None,
  sub_path: str = None,
  sub_path_expr: str = None,
  path: str,
  volume: Volume
)
propagationOptional
propagation: MountPropagation

Determines how mounts are propagated from the host to container and the other way around.

When not set, MountPropagationNone is used.

Mount propagation allows for sharing volumes mounted by a Container to other Containers in the same Pod, or even to other Pods on the same node.

This field is beta in 1.10.


read_onlyOptional
read_only: bool
  • Type: bool
  • Default: false

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.


sub_pathOptional
sub_path: str
  • Type: str
  • Default: “” the volume’s root

Path within the volume from which the container’s volume should be mounted.).


sub_path_exprOptional
sub_path_expr: str
  • Type: str
  • Default: “” volume’s root.

Expanded path within the volume from which the container’s volume should be mounted.

Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to “” (volume’s root). SubPathExpr and SubPath are mutually exclusive. This field is beta in 1.15.

subPathExpr and subPath are mutually exclusive. This field is beta in 1.15.


pathRequired
path: str
  • Type: str

Path within the container at which the volume should be mounted.

Must not contain ‘:’.


volumeRequired
volume: Volume

The volume to mount.


Classes

Container

A single application container that you want to run within a pod.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


Methods

add_env
def add_env(
  name: str,
  value: EnvValue
)
nameRequired
  • Type: str

The variable name.


valueRequired

The variable value.


mount
def mount(
  path: str,
  volume: Volume,
  propagation: MountPropagation = None,
  read_only: bool = None,
  sub_path: str = None,
  sub_path_expr: str = None
)
pathRequired
  • Type: str

The desired path in the container.


volumeRequired

The volume to mount.


propagationOptional

Determines how mounts are propagated from the host to container and the other way around.

When not set, MountPropagationNone is used.

Mount propagation allows for sharing volumes mounted by a Container to other Containers in the same Pod, or even to other Pods on the same node.

This field is beta in 1.10.


read_onlyOptional
  • Type: bool
  • Default: false

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.


sub_pathOptional
  • Type: str
  • Default: “” the volume’s root

Path within the volume from which the container’s volume should be mounted.).


sub_path_exprOptional
  • Type: str
  • Default: “” volume’s root.

Expanded path within the volume from which the container’s volume should be mounted.

Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to “” (volume’s root). SubPathExpr and SubPath are mutually exclusive. This field is beta in 1.15.

subPathExpr and subPath are mutually exclusive. This field is beta in 1.15.


Properties

envRequired
env: typing.Mapping[EnvValue]

The environment variables for this container.

Returns a copy. To add environment variables use addEnv().


imageRequired
image: str
  • Type: str

The container image.


image_pull_policyRequired
image_pull_policy: ImagePullPolicy

Image pull policy for this container.


mountsRequired
mounts: typing.List[VolumeMount]

Volume mounts configured for this container.


nameRequired
name: str
  • Type: str

The name of the container.


argsOptional
args: typing.List[str]
  • Type: typing.List[str]

Arguments to the entrypoint.


commandOptional
command: typing.List[str]
  • Type: typing.List[str]

Entrypoint array (the command to execute when the container starts).


portOptional
port: typing.Union[int, float]
  • Type: typing.Union[int, float]

The port this container exposes.


working_dirOptional
working_dir: str
  • Type: str

The working directory inside the container.


EnvValue

Utility class for creating reading env values from various sources.

Static Functions

from_config_map
import cdk8s_plus_20

cdk8s_plus_20.EnvValue.from_config_map(
  config_map: IConfigMap,
  key: str,
  optional: bool = None
)
config_mapRequired

The config map.


keyRequired
  • Type: str

The key to extract the value from.


optionalOptional
  • Type: bool
  • Default: false

Specify whether the ConfigMap or its key must be defined.


from_process
import cdk8s_plus_20

cdk8s_plus_20.EnvValue.from_process(
  key: str,
  required: bool = None
)
keyRequired
  • Type: str

The key to read.


requiredOptional
  • Type: bool
  • Default: false

Specify whether the key must exist in the environment.

If this is set to true, and the key does not exist, an error will thrown.


from_secret_value
import cdk8s_plus_20

cdk8s_plus_20.EnvValue.from_secret_value(
  key: str,
  secret: ISecret,
  optional: bool = None
)
keyRequired
  • Type: str

The JSON key.


secretRequired

The secret.


optionalOptional
  • Type: bool
  • Default: false

Specify whether the Secret or its key must be defined.


from_value
import cdk8s_plus_20

cdk8s_plus_20.EnvValue.from_value(
  value: str
)
valueRequired
  • Type: str

The value.


Properties

valueOptional
value: typing.Any
  • Type: typing.Any

value_fromOptional
value_from: typing.Any
  • Type: typing.Any

IngressV1Beta1Backend

The backend for an ingress path.

Static Functions

from_service
import cdk8s_plus_20

cdk8s_plus_20.IngressV1Beta1Backend.from_service(
  service: Service,
  port: typing.Union[int, float] = None
)
serviceRequired

The service object.


portOptional
  • Type: typing.Union[int, float]
  • Default: if the service exposes a single port, this port will be used.

The port to use to access the service.

This option will fail if the service does not expose any ports. - If the service exposes multiple ports, this option must be specified. - If the service exposes a single port, this option is optional and if specified, it must be the same port exposed by the service.


PodSpec

Provides read/write capabilities ontop of a PodSpecProps.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.PodSpec(
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None
)
containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


PodTemplate

Provides read/write capabilities ontop of a PodTemplateProps.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.PodTemplate(
  containers: typing.List[ContainerProps] = None,
  restart_policy: RestartPolicy = None,
  service_account: IServiceAccount = None,
  volumes: typing.List[Volume] = None,
  pod_metadata: ApiObjectMetadata = None
)
containersOptional

List of containers belonging to the pod.

Containers cannot currently be added or removed. There must be at least one container in a Pod.

You can add additionnal containers using podSpec.addContainer()


restart_policyOptional

Restart policy for all containers within the pod.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy


service_accountOptional

A service account provides an identity for processes that run in a Pod.

When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/


volumesOptional

List of volumes that can be mounted by containers belonging to the pod.

You can also add volumes later using podSpec.addVolume()

https://kubernetes.io/docs/concepts/storage/volumes


pod_metadataOptional

The pod metadata.


Properties

pod_metadataRequired
pod_metadata: ApiObjectMetadataDefinition

Provides read/write access to the underlying pod metadata of the resource.


Probe

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Probe()

Static Functions

from_command
import cdk8s_plus_20

cdk8s_plus_20.Probe.from_command(
  command: typing.List[str],
  failure_threshold: typing.Union[int, float] = None,
  initial_delay_seconds: Duration = None,
  period_seconds: Duration = None,
  success_threshold: typing.Union[int, float] = None,
  timeout_seconds: Duration = None
)
commandRequired
  • Type: typing.List[str]

The command to execute.


failure_thresholdOptional
  • Type: typing.Union[int, float]
  • Default: 3

Minimum consecutive failures for the probe to be considered failed after having succeeded.

Defaults to 3. Minimum value is 1.


initial_delay_secondsOptional

Number of seconds after the container has started before liveness probes are initiated.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


period_secondsOptional
  • Type: cdk8s.Duration
  • Default: Duration.seconds(10) Minimum value is 1.

How often (in seconds) to perform the probe.

Default to 10 seconds. Minimum value is 1.


success_thresholdOptional
  • Type: typing.Union[int, float]
  • Default: 1 Must be 1 for liveness and startup. Minimum value is 1.

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.

Must be 1 for liveness and startup. Minimum value is 1.


timeout_secondsOptional

Number of seconds after which the probe times out.

Defaults to 1 second. Minimum value is 1.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


from_http_get
import cdk8s_plus_20

cdk8s_plus_20.Probe.from_http_get(
  path: str,
  failure_threshold: typing.Union[int, float] = None,
  initial_delay_seconds: Duration = None,
  period_seconds: Duration = None,
  success_threshold: typing.Union[int, float] = None,
  timeout_seconds: Duration = None,
  port: typing.Union[int, float] = None
)
pathRequired
  • Type: str

The URL path to hit.


failure_thresholdOptional
  • Type: typing.Union[int, float]
  • Default: 3

Minimum consecutive failures for the probe to be considered failed after having succeeded.

Defaults to 3. Minimum value is 1.


initial_delay_secondsOptional

Number of seconds after the container has started before liveness probes are initiated.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


period_secondsOptional
  • Type: cdk8s.Duration
  • Default: Duration.seconds(10) Minimum value is 1.

How often (in seconds) to perform the probe.

Default to 10 seconds. Minimum value is 1.


success_thresholdOptional
  • Type: typing.Union[int, float]
  • Default: 1 Must be 1 for liveness and startup. Minimum value is 1.

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.

Must be 1 for liveness and startup. Minimum value is 1.


timeout_secondsOptional

Number of seconds after which the probe times out.

Defaults to 1 second. Minimum value is 1.

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes


portOptional
  • Type: typing.Union[int, float]
  • Default: defaults to container.port.

The TCP port to use when sending the GET request.


Volume

Volume represents a named volume in a pod that may be accessed by any container in the pod.

Docker also has a concept of volumes, though it is somewhat looser and less managed. In Docker, a volume is simply a directory on disk or in another Container. Lifetimes are not managed and until very recently there were only local-disk-backed volumes. Docker now provides volume drivers, but the functionality is very limited for now (e.g. as of Docker 1.7 only one volume driver is allowed per Container and there is no way to pass parameters to volumes).

A Kubernetes volume, on the other hand, has an explicit lifetime - the same as the Pod that encloses it. Consequently, a volume outlives any Containers that run within the Pod, and data is preserved across Container restarts. Of course, when a Pod ceases to exist, the volume will cease to exist, too. Perhaps more importantly than this, Kubernetes supports many types of volumes, and a Pod can use any number of them simultaneously.

At its core, a volume is just a directory, possibly with some data in it, which is accessible to the Containers in a Pod. How that directory comes to be, the medium that backs it, and the contents of it are determined by the particular volume type used.

To use a volume, a Pod specifies what volumes to provide for the Pod (the .spec.volumes field) and where to mount those into Containers (the .spec.containers[*].volumeMounts field).

A process in a container sees a filesystem view composed from their Docker image and volumes. The Docker image is at the root of the filesystem hierarchy, and any volumes are mounted at the specified paths within the image. Volumes can not mount onto other volumes

Initializers

import cdk8s_plus_20

cdk8s_plus_20.Volume(
  name: str,
  config: typing.Any
)
nameRequired
  • Type: str

configRequired
  • Type: typing.Any

Static Functions

from_config_map
import cdk8s_plus_20

cdk8s_plus_20.Volume.from_config_map(
  config_map: IConfigMap,
  default_mode: typing.Union[int, float] = None,
  items: typing.Mapping[PathMapping] = None,
  name: str = None,
  optional: bool = None
)
config_mapRequired

The config map to use to populate the volume.


default_modeOptional
  • Type: typing.Union[int, float]
  • Default: 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

Mode bits to use on created files by default.

Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.


itemsOptional

If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value.

If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.


nameOptional
  • Type: str
  • Default: auto-generated

The volume name.


optionalOptional
  • Type: bool
  • Default: undocumented

Specify whether the ConfigMap or its keys must be defined.


from_empty_dir
import cdk8s_plus_20

cdk8s_plus_20.Volume.from_empty_dir(
  name: str,
  medium: EmptyDirMedium = None,
  size_limit: Size = None
)
nameRequired
  • Type: str

mediumOptional

By default, emptyDir volumes are stored on whatever medium is backing the node - that might be disk or SSD or network storage, depending on your environment.

However, you can set the emptyDir.medium field to EmptyDirMedium.MEMORY to tell Kubernetes to mount a tmpfs (RAM-backed filesystem) for you instead. While tmpfs is very fast, be aware that unlike disks, tmpfs is cleared on node reboot and any files you write will count against your Container’s memory limit.


size_limitOptional

Total amount of local storage required for this EmptyDir volume.

The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod.


Properties

nameRequired
name: str
  • Type: str

Protocols

IConfigMap

Represents a config map.

Properties

nameRequired
name: str
  • Type: str

The Kubernetes name of this resource.


IPodSpec

Represents a resource that can be configured with a kuberenets pod spec. (e.g Deployment, Job, Pod, …).

Use the PodSpec class as an implementation helper.

Methods

add_container
def add_container(
  image: str,
  args: typing.List[str] = None,
  command: typing.List[str] = None,
  env: typing.Mapping[EnvValue] = None,
  image_pull_policy: ImagePullPolicy = None,
  liveness: Probe = None,
  name: str = None,
  port: typing.Union[int, float] = None,
  readiness: Probe = None,
  startup: Probe = None,
  volume_mounts: typing.List[VolumeMount] = None,
  working_dir: str = None
)
imageRequired
  • Type: str

Docker image name.


argsOptional
  • Type: typing.List[str]
  • Default: []

Arguments to the entrypoint. The docker image’s CMD is used if command is not provided.

Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


commandOptional
  • Type: typing.List[str]
  • Default: The docker image’s ENTRYPOINT.

Entrypoint array.

Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell


envOptional

List of environment variables to set in the container.

Cannot be updated.


image_pull_policyOptional

Image pull policy for this container.


livenessOptional

Periodic probe of container liveness.

Container will be restarted if the probe fails.


nameOptional
  • Type: str
  • Default: ‘main’

Name of the container specified as a DNS_LABEL.

Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.


portOptional
  • Type: typing.Union[int, float]
  • Default: No port is exposed.

Number of port to expose on the pod’s IP address.

This must be a valid port number, 0 < x < 65536.


readinessOptional

Determines when the container is ready to serve traffic.


startupOptional

StartupProbe indicates that the Pod has successfully initialized.

If specified, no other probes are executed until this completes successfully


volume_mountsOptional

Pod volumes to mount into the container’s filesystem.

Cannot be updated.


working_dirOptional
  • Type: str
  • Default: The container runtime’s default.

Container’s working directory.

If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.


add_volume
def add_volume(
  volume: Volume
)
volumeRequired

The volume.


Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


IPodTemplate

Represents a resource that can be configured with a kuberenets pod template. (e.g Deployment, Job, …).

Use the PodTemplate class as an implementation helper.

Properties

containersRequired
containers: typing.List[Container]

The containers belonging to the pod.

Use addContainer to add containers.


volumesRequired
volumes: typing.List[Volume]

The volumes associated with this pod.

Use addVolume to add volumes.


restart_policyOptional
restart_policy: RestartPolicy

Restart policy for all containers within the pod.


service_accountOptional
service_account: IServiceAccount

The service account used to run this pod.


pod_metadataRequired
pod_metadata: ApiObjectMetadataDefinition

Provides read/write access to the underlying pod metadata of the resource.


IResource

Represents a resource.

Properties

nameRequired
name: str
  • Type: str

The Kubernetes name of this resource.


ISecret

Properties

nameRequired
name: str
  • Type: str

The Kubernetes name of this resource.


IServiceAccount

Properties

nameRequired
name: str
  • Type: str

The Kubernetes name of this resource.


Enums

EmptyDirMedium

The medium on which to store the volume.

DEFAULT

The default volume of the backing node.


MEMORY

Mount a tmpfs (RAM-backed filesystem) for you instead.

While tmpfs is very fast, be aware that unlike disks, tmpfs is cleared on node reboot and any files you write will count against your Container’s memory limit.


ImagePullPolicy

ALWAYS

Every time the kubelet launches a container, the kubelet queries the container image registry to resolve the name to an image digest.

If the kubelet has a container image with that exact digest cached locally, the kubelet uses its cached image; otherwise, the kubelet downloads (pulls) the image with the resolved digest, and uses that image to launch the container.

Default is Always if ImagePullPolicy is omitted and either the image tag is :latest or the image tag is omitted.


IF_NOT_PRESENT

The image is pulled only if it is not already present locally.

Default is IfNotPresent if ImagePullPolicy is omitted and the image tag is present but not :latest


NEVER

The image is assumed to exist locally.

No attempt is made to pull the image.


MountPropagation

NONE

This volume mount will not receive any subsequent mounts that are mounted to this volume or any of its subdirectories by the host.

In similar fashion, no mounts created by the Container will be visible on the host.

This is the default mode.

This mode is equal to private mount propagation as described in the Linux kernel documentation


HOST_TO_CONTAINER

This volume mount will receive all subsequent mounts that are mounted to this volume or any of its subdirectories.

In other words, if the host mounts anything inside the volume mount, the Container will see it mounted there.

Similarly, if any Pod with Bidirectional mount propagation to the same volume mounts anything there, the Container with HostToContainer mount propagation will see it.

This mode is equal to rslave mount propagation as described in the Linux kernel documentation


BIDIRECTIONAL

This volume mount behaves the same the HostToContainer mount.

In addition, all volume mounts created by the Container will be propagated back to the host and to all Containers of all Pods that use the same volume

A typical use case for this mode is a Pod with a FlexVolume or CSI driver or a Pod that needs to mount something on the host using a hostPath volume.

This mode is equal to rshared mount propagation as described in the Linux kernel documentation

Caution: Bidirectional mount propagation can be dangerous. It can damage the host operating system and therefore it is allowed only in privileged Containers. Familiarity with Linux kernel behavior is strongly recommended. In addition, any volume mounts created by Containers in Pods must be destroyed (unmounted) by the Containers on termination.


PodManagementPolicy

Controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down.

The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order.

The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

ORDERED_READY


PARALLEL


Protocol

TCP


UDP


SCTP


RestartPolicy

Restart policy for all containers within the pod.

ALWAYS

Always restart the pod after it exits.


ON_FAILURE

Only restart if the pod exits with a non-zero exit code.


NEVER

Never restart the pod.


ServiceType

For some parts of your application (for example, frontends) you may want to expose a Service onto an external IP address, that’s outside of your cluster.

Kubernetes ServiceTypes allow you to specify what kind of Service you want. The default is ClusterIP.

CLUSTER_IP

Exposes the Service on a cluster-internal IP.

Choosing this value makes the Service only reachable from within the cluster. This is the default ServiceType


NODE_PORT

Exposes the Service on each Node’s IP at a static port (the NodePort).

A ClusterIP Service, to which the NodePort Service routes, is automatically created. You’ll be able to contact the NodePort Service, from outside the cluster, by requesting :.


LOAD_BALANCER

Exposes the Service externally using a cloud provider’s load balancer.

NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.


EXTERNAL_NAME

Maps the Service to the contents of the externalName field (e.g. foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is set up.

Note: You need either kube-dns version 1.7 or CoreDNS version 0.0.8 or higher to use the ExternalName type.