cdk8s-plus-29 (Java) ¶
Constructs ¶
AbstractPod ¶
- Implements:
org.cdk8s.plus29.IPodSelector
,org.cdk8s.plus29.INetworkPolicyPeer
,org.cdk8s.plus29.ISubject
Initializers ¶
import org.cdk8s.plus29.AbstractPod;
AbstractPod.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
Methods ¶
addContainer
¶
public addContainer(ContainerProps cont)
cont
Required ¶
addHostAlias
¶
public addHostAlias(HostAlias hostAlias)
hostAlias
Required ¶
addInitContainer
¶
public addInitContainer(ContainerProps cont)
cont
Required ¶
addVolume
¶
public addVolume(Volume vol)
vol
Required ¶
- Type:
org.cdk8s.plus29.Volume
attachContainer
¶
public attachContainer(Container cont)
cont
Required ¶
toNetworkPolicyPeerConfig
¶
public toNetworkPolicyPeerConfig()
toPodSelector
¶
public toPodSelector()
toPodSelectorConfig
¶
public toPodSelectorConfig()
toSubjectConfiguration
¶
public toSubjectConfiguration()
Properties ¶
automountServiceAccountToken
Required ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
containers
Required ¶
public java.util.List<Container> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.Container
>
dns
Required ¶
public PodDns getDns();
- Type:
org.cdk8s.plus29.PodDns
hostAliases
Required ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
initContainers
Required ¶
public java.util.List<Container> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.Container
>
podMetadata
Required ¶
public ApiObjectMetadataDefinition getPodMetadata();
securityContext
Required ¶
public PodSecurityContext getSecurityContext();
volumes
Required ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
>
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
AwsElasticBlockStorePersistentVolume ¶
Represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
Initializers ¶
import org.cdk8s.plus29.AwsElasticBlockStorePersistentVolume;
AwsElasticBlockStorePersistentVolume.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.volumeId(java.lang.String)
// .fsType(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
volumeId
Required ¶
- Type:
java.lang.String
Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
fsType
Optional ¶
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
partition
Optional ¶
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
Properties ¶
fsType
Required ¶
public java.lang.String getFsType();
- Type:
java.lang.String
File system type of this volume.
readOnly
Required ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
Whether or not it is mounted as a read-only volume.
volumeId
Required ¶
public java.lang.String getVolumeId();
- Type:
java.lang.String
Volume id of this volume.
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
Partition of this volume.
AzureDiskPersistentVolume ¶
AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
Initializers ¶
import org.cdk8s.plus29.AzureDiskPersistentVolume;
AzureDiskPersistentVolume.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.diskName(java.lang.String)
.diskUri(java.lang.String)
// .cachingMode(AzureDiskPersistentVolumeCachingMode)
// .fsType(java.lang.String)
// .kind(AzureDiskPersistentVolumeKind)
// .readOnly(java.lang.Boolean)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
diskName
Required ¶
- Type:
java.lang.String
The Name of the data disk in the blob storage.
diskUri
Required ¶
- Type:
java.lang.String
The URI the data disk in the blob storage.
cachingMode
Optional ¶
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeCachingMode
- Default: AzureDiskPersistentVolumeCachingMode.NONE.
Host Caching mode.
fsType
Optional ¶
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
kind
Optional ¶
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeKind
- Default: AzureDiskPersistentVolumeKind.SHARED
Kind of disk.
readOnly
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Force the ReadOnly setting in VolumeMounts.
Properties ¶
azureKind
Required ¶
public AzureDiskPersistentVolumeKind getAzureKind();
Azure kind of this volume.
cachingMode
Required ¶
public AzureDiskPersistentVolumeCachingMode getCachingMode();
Caching mode of this volume.
diskName
Required ¶
public java.lang.String getDiskName();
- Type:
java.lang.String
Disk name of this volume.
diskUri
Required ¶
public java.lang.String getDiskUri();
- Type:
java.lang.String
Disk URI of this volume.
fsType
Required ¶
public java.lang.String getFsType();
- Type:
java.lang.String
File system type of this volume.
readOnly
Required ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
Whether or not it is mounted as a read-only volume.
BasicAuthSecret ¶
Create a secret for basic authentication.
https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret
Initializers ¶
import org.cdk8s.plus29.BasicAuthSecret;
BasicAuthSecret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.password(java.lang.String)
.username(java.lang.String)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
password
Required ¶
- Type:
java.lang.String
The password or token for authentication.
username
Required ¶
- Type:
java.lang.String
The user name for authentication.
ClusterRole ¶
- Implements:
org.cdk8s.plus29.IClusterRole
,org.cdk8s.plus29.IRole
ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
Initializers ¶
import org.cdk8s.plus29.ClusterRole;
ClusterRole.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .aggregationLabels(java.util.Map<java.lang.String, java.lang.String>)
// .rules(java.util.List<ClusterRolePolicyRule>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
aggregationLabels
Optional ¶
- Type: java.util.Map
java.lang.String>
Specify labels that should be used to locate ClusterRoles, whose rules will be automatically filled into this ClusterRole’s rules.
rules
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ClusterRolePolicyRule
> - Default: []
A list of rules the role should allow.
Methods ¶
aggregate
¶
public aggregate(java.lang.String key, java.lang.String value)
key
Required ¶
- Type:
java.lang.String
value
Required ¶
- Type:
java.lang.String
allow
¶
public allow(java.util.List<java.lang.String> verbs, IApiEndpoint endpoints)
verbs
Required ¶
- Type: java.util.List<
java.lang.String
>
endpoints
Required ¶
The endpoints(s) to apply to.
allowCreate
¶
public allowCreate(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowDelete
¶
public allowDelete(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowDeleteCollection
¶
public allowDeleteCollection(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowGet
¶
public allowGet(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowList
¶
public allowList(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowPatch
¶
public allowPatch(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowRead
¶
public allowRead(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowReadWrite
¶
public allowReadWrite(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowUpdate
¶
public allowUpdate(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
allowWatch
¶
public allowWatch(IApiEndpoint endpoints)
endpoints
Required ¶
The resource(s) to apply to.
bind
¶
public bind(ISubject subjects)
subjects
Required ¶
a list of subjects to bind to.
bindInNamespace
¶
public bindInNamespace(java.lang.String namespace, ISubject subjects)
namespace
Required ¶
- Type:
java.lang.String
the namespace to limit permissions to.
subjects
Required ¶
a list of subjects to bind to.
combine
¶
public combine(ClusterRole rol)
rol
Required ¶
Static Functions ¶
fromClusterRoleName
¶
import org.cdk8s.plus29.ClusterRole;
ClusterRole.fromClusterRoleName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
rules
Required ¶
public java.util.List<ClusterRolePolicyRule> getRules();
- Type: java.util.List<
org.cdk8s.plus29.ClusterRolePolicyRule
>
Rules associaated with this Role.
Returns a copy, use allow
to add rules.
ClusterRoleBinding ¶
A ClusterRoleBinding grants permissions cluster-wide to a user or set of users.
Initializers ¶
import org.cdk8s.plus29.ClusterRoleBinding;
ClusterRoleBinding.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
.role(IClusterRole)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
role
Required ¶
The role to bind to.
Methods ¶
addSubjects
¶
public addSubjects(ISubject subjects)
subjects
Required ¶
The subjects to add.
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
role
Required ¶
public IClusterRole getRole();
subjects
Required ¶
public java.util.List<ISubject> getSubjects();
- Type: java.util.List<
org.cdk8s.plus29.ISubject
>
ConfigMap ¶
- Implements:
org.cdk8s.plus29.IConfigMap
ConfigMap holds configuration data for pods to consume.
Initializers ¶
import org.cdk8s.plus29.ConfigMap;
ConfigMap.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .binaryData(java.util.Map<java.lang.String, java.lang.String>)
// .data(java.util.Map<java.lang.String, java.lang.String>)
// .immutable(java.lang.Boolean)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
binaryData
Optional ¶
- Type: java.util.Map
java.lang.String>
BinaryData contains the binary data.
Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process.
You can also add binary data using configMap.addBinaryData()
.
data
Optional ¶
- Type: java.util.Map
java.lang.String>
Data contains the configuration data.
Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.
You can also add data using configMap.addData()
.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
Methods ¶
addBinaryData
¶
public addBinaryData(java.lang.String key, java.lang.String value)
key
Required ¶
- Type:
java.lang.String
The key.
value
Required ¶
- Type:
java.lang.String
The value.
addData
¶
public addData(java.lang.String key, java.lang.String value)
key
Required ¶
- Type:
java.lang.String
The key.
value
Required ¶
- Type:
java.lang.String
The value.
addDirectory
¶
public addDirectory(java.lang.String localDir)
public addDirectory(java.lang.String localDir, AddDirectoryOptions options)
localDir
Required ¶
- Type:
java.lang.String
A path to a local directory.
options
Optional ¶
Options.
addFile
¶
public addFile(java.lang.String localFile)
public addFile(java.lang.String localFile, java.lang.String key)
localFile
Required ¶
- Type:
java.lang.String
The path to the local file.
key
Optional ¶
- Type:
java.lang.String
The ConfigMap key (default to the file name).
Static Functions ¶
fromConfigMapName
¶
import org.cdk8s.plus29.ConfigMap;
ConfigMap.fromConfigMapName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
binaryData
Required ¶
public java.util.Map<java.lang.String, java.lang.String> getBinaryData();
- Type: java.util.Map
java.lang.String>
The binary data associated with this config map.
Returns a copy. To add data records, use addBinaryData()
or addData()
.
data
Required ¶
public java.util.Map<java.lang.String, java.lang.String> getData();
- Type: java.util.Map
java.lang.String>
The data associated with this config map.
Returns an copy. To add data records, use addData()
or addBinaryData()
.
immutable
Required ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
Whether or not this config map is immutable.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
CronJob ¶
A CronJob is responsible for creating a Job and scheduling it based on provided cron schedule.
This helps running Jobs in a recurring manner.
Initializers ¶
import org.cdk8s.plus29.CronJob;
CronJob.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .activeDeadline(Duration)
// .backoffLimit(java.lang.Number)
// .ttlAfterFinished(Duration)
.schedule(Cron)
// .concurrencyPolicy(ConcurrencyPolicy)
// .failedJobsRetained(java.lang.Number)
// .startingDeadline(Duration)
// .successfulJobsRetained(java.lang.Number)
// .suspend(java.lang.Boolean)
// .timeZone(java.lang.String)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
activeDeadline
Optional ¶
- Type:
org.cdk8s.Duration
- Default: If unset, then there is no deadline.
Specifies the duration the job may be active before the system tries to terminate it.
backoffLimit
Optional ¶
- Type:
java.lang.Number
- Default: If not set, system defaults to 6.
Specifies the number of retries before marking this job failed.
ttlAfterFinished
Optional ¶
- Type:
org.cdk8s.Duration
- Default: If this field is unset, the Job won’t be automatically deleted.
Limits the lifetime of a Job that has finished execution (either Complete or Failed).
If this field is set, after the Job finishes, it is eligible to
be automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes. This
field is alpha-level and is only honored by servers that enable the
TTLAfterFinished
feature.
schedule
Required ¶
- Type:
org.cdk8s.Cron
Specifies the time in which the job would run again.
This is defined as a cron expression in the CronJob resource.
concurrencyPolicy
Optional ¶
- Type:
org.cdk8s.plus29.ConcurrencyPolicy
- Default: ConcurrencyPolicy.Forbid
Specifies the concurrency policy for the job.
failedJobsRetained
Optional ¶
- Type:
java.lang.Number
- Default: 1
Specifies the number of failed jobs history retained.
This would retain the Job and the associated Pod resource and can be useful for debugging.
startingDeadline
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(10)
Kubernetes attempts to start cron jobs at its schedule time, but this is not guaranteed.
This deadline specifies how much time can pass after a schedule point, for which kubernetes can still start the job. For example, if this is set to 100 seconds, kubernetes is allowed to start the job at a maximum 100 seconds after the scheduled time.
Note that the Kubernetes CronJobController checks for things every 10 seconds, for this reason, a deadline below 10 seconds is not allowed, as it may cause your job to never be scheduled.
In addition, kubernetes will stop scheduling jobs if more than 100 schedules were missed (for any reason). This property also controls what time interval should kubernetes consider when counting for missed schedules.
For example, suppose a CronJob is set to schedule a new Job every one minute beginning at 08:30:00,
and its startingDeadline
field is not set. If the CronJob controller happens to be down from 08:29:00 to 10:21:00,
the job will not start as the number of missed jobs which missed their schedule is greater than 100.
However, if startingDeadline
is set to 200 seconds, kubernetes will only count 3 missed schedules, and thus
start a new execution at 10:22:00.
successfulJobsRetained
Optional ¶
- Type:
java.lang.Number
- Default: 3
Specifies the number of successful jobs history retained.
This would retain the Job and the associated Pod resource and can be useful for debugging.
suspend
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Specifies if the cron job should be suspended.
Only applies to future executions, current ones are remained untouched.
timeZone
Optional ¶
- Type:
java.lang.String
- Default: Timezone of kube-controller-manager process.
Specifies the timezone for the job.
This helps aligining the schedule to follow the specified timezone.
{@link https://en.wikipedia.org/wiki/List_of_tz_database_time_zones} for list of valid timezone values.
Properties ¶
concurrencyPolicy
Required ¶
public java.lang.String getConcurrencyPolicy();
- Type:
java.lang.String
The policy used by this cron job to determine the concurrency mode in which to schedule jobs.
failedJobsRetained
Required ¶
public java.lang.Number getFailedJobsRetained();
- Type:
java.lang.Number
The number of failed jobs retained by this cron job.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
Represents the resource type.
schedule
Required ¶
public Cron getSchedule();
- Type:
org.cdk8s.Cron
The schedule this cron job is scheduled to run in.
startingDeadline
Required ¶
public Duration getStartingDeadline();
- Type:
org.cdk8s.Duration
The time by which the running cron job needs to schedule the next job execution.
The job is considered as failed if it misses this deadline.
successfulJobsRetained
Required ¶
public java.lang.Number getSuccessfulJobsRetained();
- Type:
java.lang.Number
The number of successful jobs retained by this cron job.
suspend
Required ¶
public java.lang.Boolean getSuspend();
- Type:
java.lang.Boolean
Whether or not the cron job is currently suspended or not.
timeZone
Optional ¶
public java.lang.String getTimeZone();
- Type:
java.lang.String
The timezone which this cron job would follow to schedule jobs.
DaemonSet ¶
A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
As nodes are added to the cluster, Pods are added to them. As nodes are removed from the cluster, those Pods are garbage collected. Deleting a DaemonSet will clean up the Pods it created.
Some typical uses of a DaemonSet are:
- running a cluster storage daemon on every node
- running a logs collection daemon on every node
- running a node monitoring daemon on every node
In a simple case, one DaemonSet, covering all nodes, would be used for each type of daemon. A more complex setup might use multiple DaemonSets for a single type of daemon, but with different flags and/or different memory and cpu requests for different hardware types.
Initializers ¶
import org.cdk8s.plus29.DaemonSet;
DaemonSet.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .minReadySeconds(java.lang.Number)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
minReadySeconds
Optional ¶
- Type:
java.lang.Number
- Default: 0
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
Properties ¶
minReadySeconds
Required ¶
public java.lang.Number getMinReadySeconds();
- Type:
java.lang.Number
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
Deployment ¶
- Implements:
org.cdk8s.plus29.IScalable
A Deployment provides declarative updates for Pods and ReplicaSets.
You describe a desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate. You can define Deployments to create new ReplicaSets, or to remove existing Deployments and adopt all their resources with new Deployments.
Note: Do not manage ReplicaSets owned by a Deployment. Consider opening an issue in the main Kubernetes repository if your use case is not covered below.
Use Case
The following are typical use cases for Deployments:
- Create a Deployment to rollout a ReplicaSet. The ReplicaSet creates Pods in the background. Check the status of the rollout to see if it succeeds or not.
- Declare the new state of the Pods by updating the PodTemplateSpec of the Deployment. A new ReplicaSet is created and the Deployment manages moving the Pods from the old ReplicaSet to the new one at a controlled rate. Each new ReplicaSet updates the revision of the Deployment.
- Rollback to an earlier Deployment revision if the current state of the Deployment is not stable. Each rollback updates the revision of the Deployment.
- Scale up the Deployment to facilitate more load.
- Pause the Deployment to apply multiple fixes to its PodTemplateSpec and then resume it to start a new rollout.
- Use the status of the Deployment as an indicator that a rollout has stuck.
- Clean up older ReplicaSets that you don’t need anymore.
Initializers ¶
import org.cdk8s.plus29.Deployment;
Deployment.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .minReady(Duration)
// .progressDeadline(Duration)
// .replicas(java.lang.Number)
// .strategy(DeploymentStrategy)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
minReady
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(0)
Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
Zero means the pod will be considered available as soon as it is ready.
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
progressDeadline
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(600)
The maximum duration for a deployment to make progress before it is considered to be failed.
The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status.
Note that progress will not be estimated during the time a deployment is paused.
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#progress-deadline-seconds
replicas
Optional ¶
- Type:
java.lang.Number
- Default: 2
Number of desired pods.
strategy
Optional ¶
- Type:
org.cdk8s.plus29.DeploymentStrategy
- Default: RollingUpdate with maxSurge and maxUnavailable set to 25%.
Specifies the strategy used to replace old Pods by new ones.
Methods ¶
exposeViaIngress
¶
public exposeViaIngress(java.lang.String path)
public exposeViaIngress(java.lang.String path, ExposeDeploymentViaIngressOptions options)
path
Required ¶
- Type:
java.lang.String
The ingress path to register under.
options
Optional ¶
Additional options.
exposeViaService
¶
public exposeViaService()
public exposeViaService(DeploymentExposeViaServiceOptions options)
options
Optional ¶
Options to determine details of the service and port exposed.
markHasAutoscaler
¶
public markHasAutoscaler()
toScalingTarget
¶
public toScalingTarget()
Properties ¶
minReady
Required ¶
public Duration getMinReady();
- Type:
org.cdk8s.Duration
Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
progressDeadline
Required ¶
public Duration getProgressDeadline();
- Type:
org.cdk8s.Duration
The maximum duration for a deployment to make progress before it is considered to be failed.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
strategy
Required ¶
public DeploymentStrategy getStrategy();
replicas
Optional ¶
public java.lang.Number getReplicas();
- Type:
java.lang.Number
Number of desired pods.
hasAutoscaler
Required ¶
public java.lang.Boolean getHasAutoscaler();
- Type:
java.lang.Boolean
If this is a target of an autoscaler.
DockerConfigSecret ¶
Create a secret for storing credentials for accessing a container image registry.
https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets
Initializers ¶
import org.cdk8s.plus29.DockerConfigSecret;
DockerConfigSecret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.data(java.util.Map<java.lang.String, java.lang.Object>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
data
Required ¶
- Type: java.util.Map
java.lang.Object>
JSON content to provide for the ~/.docker/config.json
file. This will be stringified and inserted as stringData.
https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file
GCEPersistentDiskPersistentVolume ¶
GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod.
Provisioned by an admin.
https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
Initializers ¶
import org.cdk8s.plus29.GCEPersistentDiskPersistentVolume;
GCEPersistentDiskPersistentVolume.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.pdName(java.lang.String)
// .fsType(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
pdName
Required ¶
- Type:
java.lang.String
Unique name of the PD resource in GCE.
Used to identify the disk in GCE.
https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
fsType
Optional ¶
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
partition
Optional ¶
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
Properties ¶
fsType
Required ¶
public java.lang.String getFsType();
- Type:
java.lang.String
File system type of this volume.
pdName
Required ¶
public java.lang.String getPdName();
- Type:
java.lang.String
PD resource in GCE of this volume.
readOnly
Required ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
Whether or not it is mounted as a read-only volume.
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
Partition of this volume.
Group ¶
- Implements:
org.cdk8s.plus29.ISubject
Represents a group.
Methods ¶
toSubjectConfiguration
¶
public toSubjectConfiguration()
Static Functions ¶
fromName
¶
import org.cdk8s.plus29.Group;
Group.fromName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
kind
Required ¶
public java.lang.String getKind();
- Type:
java.lang.String
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
apiGroup
Optional ¶
public java.lang.String getApiGroup();
- Type:
java.lang.String
HorizontalPodAutoscaler ¶
A HorizontalPodAutoscaler scales a workload up or down in response to a metric change.
This allows your services to scale up when demand is high and scale down when they are no longer needed.
Typical use cases for HorizontalPodAutoscaler:
- When Memory usage is above 70%, scale up the number of replicas to meet the demand.
- When CPU usage is below 30%, scale down the number of replicas to save resources.
- When a service is experiencing a spike in traffic, scale up the number of replicas to meet the demand. Then, when the traffic subsides, scale down the number of replicas to save resources.
The autoscaler uses the following algorithm to determine the number of replicas to scale:
desiredReplicas = ceil[currentReplicas * ( currentMetricValue / desiredMetricValue )]
HorizontalPodAutoscaler’s can be used to with any Scalable
workload:
- Deployment
- StatefulSet
Targets that already have a replica count defined:
Remove any replica counts from the target resource before associating with a HorizontalPodAutoscaler. If this isn’t done, then any time a change to that object is applied, Kubernetes will scale the current number of Pods to the value of the target.replicas key. This may not be desired and could lead to unexpected behavior.
https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#implicit-maintenance-mode-deactivation
Initializers ¶
import org.cdk8s.plus29.HorizontalPodAutoscaler;
HorizontalPodAutoscaler.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
.maxReplicas(java.lang.Number)
.target(IScalable)
// .metrics(java.util.List<Metric>)
// .minReplicas(java.lang.Number)
// .scaleDown(ScalingRules)
// .scaleUp(ScalingRules)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
maxReplicas
Required ¶
- Type:
java.lang.Number
The maximum number of replicas that can be scaled up to.
target
Required ¶
The workload to scale up or down.
Scalable workload types:
- Deployment
- StatefulSet
metrics
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Metric
> - Default: If metrics are not provided, then the target resource constraints (e.g. cpu limit) will be used as scaling metrics.
The metric conditions that trigger a scale up or scale down.
minReplicas
Optional ¶
- Type:
java.lang.Number
- Default: 1
The minimum number of replicas that can be scaled down to.
Can be set to 0 if the alpha feature gate HPAScaleToZero
is enabled and
at least one Object or External metric is configured.
scaleDown
Optional ¶
- Type:
org.cdk8s.plus29.ScalingRules
- Default: Scale down to minReplica count with a 5 minute stabilization window.
The scaling behavior when scaling down.
scaleUp
Optional ¶
- Type:
org.cdk8s.plus29.ScalingRules
- Default: Is the higher of:
- Increase no more than 4 pods per 60 seconds
- Double the number of pods per 60 seconds
The scaling behavior when scaling up.
Properties ¶
maxReplicas
Required ¶
public java.lang.Number getMaxReplicas();
- Type:
java.lang.Number
The maximum number of replicas that can be scaled up to.
minReplicas
Required ¶
public java.lang.Number getMinReplicas();
- Type:
java.lang.Number
The minimum number of replicas that can be scaled down to.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
scaleDown
Required ¶
public ScalingRules getScaleDown();
The scaling behavior when scaling down.
scaleUp
Required ¶
public ScalingRules getScaleUp();
The scaling behavior when scaling up.
target
Required ¶
public IScalable getTarget();
The workload to scale up or down.
metrics
Optional ¶
public java.util.List<Metric> getMetrics();
- Type: java.util.List<
org.cdk8s.plus29.Metric
>
The metric conditions that trigger a scale up or scale down.
Ingress ¶
Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend.
An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
Initializers ¶
import org.cdk8s.plus29.Ingress;
Ingress.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .className(java.lang.String)
// .defaultBackend(IngressBackend)
// .rules(java.util.List<IngressRule>)
// .tls(java.util.List<IngressTls>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
className
Optional ¶
- Type:
java.lang.String
Class Name for this ingress.
This field is a reference to an IngressClass resource that contains additional Ingress configuration, including the name of the Ingress controller.
defaultBackend
Optional ¶
The default backend services requests that do not match any rule.
Using this option or the addDefaultBackend()
method is equivalent to
adding a rule with both path
and host
undefined.
rules
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.IngressRule
>
Routing rules for this ingress.
Each rule must define an IngressBackend
that will receive the requests
that match this rule. If both host
and path
are not specifiec, this
backend will be used as the default backend of the ingress.
You can also add rules later using addRule()
, addHostRule()
,
addDefaultBackend()
and addHostDefaultBackend()
.
tls
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.IngressTls
>
TLS settings for this ingress.
Using this option tells the ingress controller to expose a TLS endpoint. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
Methods ¶
addDefaultBackend
¶
public addDefaultBackend(IngressBackend backend)
backend
Required ¶
The backend to use for requests that do not match any rule.
addHostDefaultBackend
¶
public addHostDefaultBackend(java.lang.String host, IngressBackend backend)
host
Required ¶
- Type:
java.lang.String
The host name to match.
backend
Required ¶
The backend to route to.
addHostRule
¶
public addHostRule(java.lang.String host, java.lang.String path, IngressBackend backend)
public addHostRule(java.lang.String host, java.lang.String path, IngressBackend backend, HttpIngressPathType pathType)
host
Required ¶
- Type:
java.lang.String
The host name.
path
Required ¶
- Type:
java.lang.String
The HTTP path.
backend
Required ¶
The backend to route requests to.
pathType
Optional ¶
How the path is matched against request paths.
addRule
¶
public addRule(java.lang.String path, IngressBackend backend)
public addRule(java.lang.String path, IngressBackend backend, HttpIngressPathType pathType)
path
Required ¶
- Type:
java.lang.String
The HTTP path.
backend
Required ¶
The backend to route requests to.
pathType
Optional ¶
How the path is matched against request paths.
addRules
¶
public addRules(IngressRule rules)
rules
Required ¶
The rules to add.
addTls
¶
public addTls(java.util.List<IngressTls> tls)
tls
Required ¶
- Type: java.util.List<
org.cdk8s.plus29.IngressTls
>
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
Job ¶
A Job creates one or more Pods and ensures that a specified number of them successfully terminate.
As pods successfully complete, the Job tracks the successful completions. When a specified number of successful completions is reached, the task (ie, Job) is complete. Deleting a Job will clean up the Pods it created. A simple case is to create one Job object in order to reliably run one Pod to completion. The Job object will start a new Pod if the first Pod fails or is deleted (for example due to a node hardware failure or a node reboot). You can also use a Job to run multiple Pods in parallel.
Initializers ¶
import org.cdk8s.plus29.Job;
Job.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .activeDeadline(Duration)
// .backoffLimit(java.lang.Number)
// .ttlAfterFinished(Duration)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
activeDeadline
Optional ¶
- Type:
org.cdk8s.Duration
- Default: If unset, then there is no deadline.
Specifies the duration the job may be active before the system tries to terminate it.
backoffLimit
Optional ¶
- Type:
java.lang.Number
- Default: If not set, system defaults to 6.
Specifies the number of retries before marking this job failed.
ttlAfterFinished
Optional ¶
- Type:
org.cdk8s.Duration
- Default: If this field is unset, the Job won’t be automatically deleted.
Limits the lifetime of a Job that has finished execution (either Complete or Failed).
If this field is set, after the Job finishes, it is eligible to
be automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes. This
field is alpha-level and is only honored by servers that enable the
TTLAfterFinished
feature.
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
activeDeadline
Optional ¶
public Duration getActiveDeadline();
- Type:
org.cdk8s.Duration
Duration before job is terminated.
If undefined, there is no deadline.
backoffLimit
Optional ¶
public java.lang.Number getBackoffLimit();
- Type:
java.lang.Number
Number of retries before marking failed.
ttlAfterFinished
Optional ¶
public Duration getTtlAfterFinished();
- Type:
org.cdk8s.Duration
TTL before the job is deleted after it is finished.
Namespace ¶
In Kubernetes, namespaces provides a mechanism for isolating groups of resources within a single cluster.
Names of resources need to be unique within a namespace, but not across namespaces. Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc) and not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc).
Initializers ¶
import org.cdk8s.plus29.Namespace;
Namespace.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
Methods ¶
toNamespaceSelectorConfig
¶
public toNamespaceSelectorConfig()
toNetworkPolicyPeerConfig
¶
public toNetworkPolicyPeerConfig()
toPodSelector
¶
public toPodSelector()
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
Constants ¶
NAME_LABEL
¶
- Type:
java.lang.String
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#automatic-labelling
Namespaces ¶
Represents a group of namespaces.
Initializers ¶
import org.cdk8s.plus29.Namespaces;
new Namespaces(Construct scope, java.lang.String id);
new Namespaces(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions);
new Namespaces(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions, java.util.List<java.lang.String> names);
new Namespaces(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions, java.util.List<java.lang.String> names, java.util.Map<java.lang.String, java.lang.String> labels);
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
expressions
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.LabelExpression
>
names
Optional ¶
- Type: java.util.List<
java.lang.String
>
labels
Optional ¶
- Type: java.util.Map
java.lang.String>
Methods ¶
toNamespaceSelectorConfig
¶
public toNamespaceSelectorConfig()
toNetworkPolicyPeerConfig
¶
public toNetworkPolicyPeerConfig()
toPodSelector
¶
public toPodSelector()
Static Functions ¶
all
¶
import org.cdk8s.plus29.Namespaces;
Namespaces.all(Construct scope, java.lang.String id)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
select
¶
import org.cdk8s.plus29.Namespaces;
Namespaces.select(Construct scope, java.lang.String id, NamespacesSelectOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
options
Required ¶
NetworkPolicy ¶
Control traffic flow at the IP address or port level (OSI layer 3 or 4), network policies are an application-centric construct which allow you to specify how a pod is allowed to communicate with various network peers.
- Outgoing traffic is allowed if there are no network policies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the network policies that select the pod.
- Incoming traffic is allowed to a pod if there are no network policies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the network policies that select the pod.
Network policies do not conflict; they are additive. If any policy or policies apply to a given pod for a given direction, the connections allowed in that direction from that pod is the union of what the applicable policies allow. Thus, order of evaluation does not affect the policy result.
For a connection from a source pod to a destination pod to be allowed, both the egress policy on the source pod and the ingress policy on the destination pod need to allow the connection. If either side does not allow the connection, it will not happen.
https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource
Initializers ¶
import org.cdk8s.plus29.NetworkPolicy;
NetworkPolicy.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .egress(NetworkPolicyTraffic)
// .ingress(NetworkPolicyTraffic)
// .selector(IPodSelector)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
egress
Optional ¶
- Type:
org.cdk8s.plus29.NetworkPolicyTraffic
- Default: the policy doesn’t change egress behavior of the pods it selects.
Egress traffic configuration.
ingress
Optional ¶
- Type:
org.cdk8s.plus29.NetworkPolicyTraffic
- Default: the policy doesn’t change ingress behavior of the pods it selects.
Ingress traffic configuration.
selector
Optional ¶
- Type:
org.cdk8s.plus29.IPodSelector
- Default: will select all pods in the namespace of the policy.
Which pods does this policy object applies to.
This can either be a single pod / workload, or a grouping of pods selected
via the Pods.select
function. Rules is applied to any pods selected by this property.
Multiple network policies can select the same set of pods.
In this case, the rules for each are combined additively.
Note that
Methods ¶
addEgressRule
¶
public addEgressRule(INetworkPolicyPeer peer)
public addEgressRule(INetworkPolicyPeer peer, java.util.List<NetworkPolicyPort> ports)
peer
Required ¶
ports
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.NetworkPolicyPort
>
addIngressRule
¶
public addIngressRule(INetworkPolicyPeer peer)
public addIngressRule(INetworkPolicyPeer peer, java.util.List<NetworkPolicyPort> ports)
peer
Required ¶
ports
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.NetworkPolicyPort
>
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
NetworkPolicyIpBlock ¶
- Implements:
org.cdk8s.plus29.INetworkPolicyPeer
Describes a particular CIDR (Ex.
“192.168.1.1/24”,”2001:db9::/64”) that is allowed to the pods matched by a network policy selector. The except entry describes CIDRs that should not be included within this rule.
Methods ¶
toNetworkPolicyPeerConfig
¶
public toNetworkPolicyPeerConfig()
toPodSelector
¶
public toPodSelector()
Static Functions ¶
anyIpv4
¶
import org.cdk8s.plus29.NetworkPolicyIpBlock;
NetworkPolicyIpBlock.anyIpv4(Construct scope, java.lang.String id)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
anyIpv6
¶
import org.cdk8s.plus29.NetworkPolicyIpBlock;
NetworkPolicyIpBlock.anyIpv6(Construct scope, java.lang.String id)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
ipv4
¶
import org.cdk8s.plus29.NetworkPolicyIpBlock;
NetworkPolicyIpBlock.ipv4(Construct scope, java.lang.String id, java.lang.String cidrIp)
NetworkPolicyIpBlock.ipv4(Construct scope, java.lang.String id, java.lang.String cidrIp, java.util.List<java.lang.String> except)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
cidrIp
Required ¶
- Type:
java.lang.String
except
Optional ¶
- Type: java.util.List<
java.lang.String
>
ipv6
¶
import org.cdk8s.plus29.NetworkPolicyIpBlock;
NetworkPolicyIpBlock.ipv6(Construct scope, java.lang.String id, java.lang.String cidrIp)
NetworkPolicyIpBlock.ipv6(Construct scope, java.lang.String id, java.lang.String cidrIp, java.util.List<java.lang.String> except)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
cidrIp
Required ¶
- Type:
java.lang.String
except
Optional ¶
- Type: java.util.List<
java.lang.String
>
Properties ¶
cidr
Required ¶
public java.lang.String getCidr();
- Type:
java.lang.String
A string representing the IP Block Valid examples are “192.168.1.1/24” or “2001:db9::/64”.
except
Optional ¶
public java.util.List<java.lang.String> getExcept();
- Type: java.util.List<
java.lang.String
>
A slice of CIDRs that should not be included within an IP Block Valid examples are “192.168.1.1/24” or “2001:db9::/64”. Except values will be rejected if they are outside the CIDR range.
PersistentVolume ¶
A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using Storage Classes.
It is a resource in the cluster just like a node is a cluster resource. PVs are volume plugins like Volumes, but have a lifecycle independent of any individual Pod that uses the PV. This API object captures the details of the implementation of the storage, be that NFS, iSCSI, or a cloud-provider-specific storage system.
Initializers ¶
import org.cdk8s.plus29.PersistentVolume;
PersistentVolume.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
Methods ¶
asVolume
¶
public asVolume()
bind
¶
public bind(IPersistentVolumeClaim claim)
claim
Required ¶
The PVC to bind to.
reserve
¶
public reserve()
Static Functions ¶
fromPersistentVolumeName
¶
import org.cdk8s.plus29.PersistentVolume;
PersistentVolume.fromPersistentVolumeName(Construct scope, java.lang.String id, java.lang.String volumeName)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
volumeName
Required ¶
- Type:
java.lang.String
Properties ¶
mode
Required ¶
public PersistentVolumeMode getMode();
Volume mode of this volume.
reclaimPolicy
Required ¶
public PersistentVolumeReclaimPolicy getReclaimPolicy();
Reclaim policy of this volume.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
accessModes
Optional ¶
public java.util.List<PersistentVolumeAccessMode> getAccessModes();
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
>
Access modes requirement of this claim.
claim
Optional ¶
public IPersistentVolumeClaim getClaim();
PVC this volume is bound to.
Undefined means this volume is not yet claimed by any PVC.
mountOptions
Optional ¶
public java.util.List<java.lang.String> getMountOptions();
- Type: java.util.List<
java.lang.String
>
Mount options of this volume.
storage
Optional ¶
public Size getStorage();
- Type:
org.cdk8s.Size
Storage size of this volume.
storageClassName
Optional ¶
public java.lang.String getStorageClassName();
- Type:
java.lang.String
Storage class this volume belongs to.
PersistentVolumeClaim ¶
- Implements:
org.cdk8s.plus29.IPersistentVolumeClaim
A PersistentVolumeClaim (PVC) is a request for storage by a user.
It is similar to a Pod. Pods consume node resources and PVCs consume PV resources. Pods can request specific levels of resources (CPU and Memory). Claims can request specific size and access modes
Initializers ¶
import org.cdk8s.plus29.PersistentVolumeClaim;
PersistentVolumeClaim.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volume(IPersistentVolume)
// .volumeMode(PersistentVolumeMode)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes requirement.
Contains the access modes the volume should support.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
storage
Optional ¶
- Type:
org.cdk8s.Size
- Default: No storage requirement.
Minimum storage size the volume should have.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
- Type:
java.lang.String
- Default: Not set.
Name of the StorageClass required by the claim. When this property is not set, the behavior is as follows:.
- If the admission plugin is turned on, the storage class marked as default will be used.
- If the admission plugin is turned off, the pvc can only be bound to volumes without a storage class.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
volume
Optional ¶
- Type:
org.cdk8s.plus29.IPersistentVolume
- Default: No specific volume binding.
The PersistentVolume backing this claim.
The control plane still checks that storage class, access modes, and requested storage size on the volume are valid.
Note that in order to guarantee a proper binding, the volume should
also define a claimRef
referring to this claim. Otherwise, the volume may be
claimed be other pvc’s before it gets a chance to bind to this one.
If the volume is managed (i.e not imported), you can use pv.claim()
to easily
create a bi-directional bounded claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding.
volumeMode
Optional ¶
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
Methods ¶
bind
¶
public bind(IPersistentVolume vol)
vol
Required ¶
The PV to bind to.
Static Functions ¶
fromClaimName
¶
import org.cdk8s.plus29.PersistentVolumeClaim;
PersistentVolumeClaim.fromClaimName(Construct scope, java.lang.String id, java.lang.String claimName)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
claimName
Required ¶
- Type:
java.lang.String
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
volumeMode
Required ¶
public PersistentVolumeMode getVolumeMode();
Volume mode requirement of this claim.
accessModes
Optional ¶
public java.util.List<PersistentVolumeAccessMode> getAccessModes();
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
>
Access modes requirement of this claim.
storage
Optional ¶
public Size getStorage();
- Type:
org.cdk8s.Size
Storage requirement of this claim.
storageClassName
Optional ¶
public java.lang.String getStorageClassName();
- Type:
java.lang.String
Storage class requirment of this claim.
volume
Optional ¶
public IPersistentVolume getVolume();
PV this claim is bound to.
Undefined means the claim is not bound to any specific volume.
Pod ¶
Pod is a collection of containers that can run on a host.
This resource is created by clients and scheduled onto hosts.
Initializers ¶
import org.cdk8s.plus29.Pod;
Pod.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
Properties ¶
connections
Required ¶
public PodConnections getConnections();
podMetadata
Required ¶
public ApiObjectMetadataDefinition getPodMetadata();
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
scheduling
Required ¶
public PodScheduling getScheduling();
Constants ¶
ADDRESS_LABEL
¶
- Type:
java.lang.String
This label is autoamtically added by cdk8s to any pod.
It provides a unique and stable identifier for the pod.
Pods ¶
- Implements:
org.cdk8s.plus29.IPodSelector
Represents a group of pods.
Initializers ¶
import org.cdk8s.plus29.Pods;
new Pods(Construct scope, java.lang.String id);
new Pods(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions);
new Pods(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions, java.util.Map<java.lang.String, java.lang.String> labels);
new Pods(Construct scope, java.lang.String id, java.util.List<LabelExpression> expressions, java.util.Map<java.lang.String, java.lang.String> labels, INamespaceSelector namespaces);
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
expressions
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.LabelExpression
>
labels
Optional ¶
- Type: java.util.Map
java.lang.String>
namespaces
Optional ¶
Methods ¶
toNetworkPolicyPeerConfig
¶
public toNetworkPolicyPeerConfig()
toPodSelector
¶
public toPodSelector()
toPodSelectorConfig
¶
public toPodSelectorConfig()
Static Functions ¶
all
¶
import org.cdk8s.plus29.Pods;
Pods.all(Construct scope, java.lang.String id)
Pods.all(Construct scope, java.lang.String id, PodsAllOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
options
Optional ¶
select
¶
import org.cdk8s.plus29.Pods;
Pods.select(Construct scope, java.lang.String id, PodsSelectOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
options
Required ¶
Resource ¶
- Implements:
org.cdk8s.plus29.IResource
,org.cdk8s.plus29.IApiResource
,org.cdk8s.plus29.IApiEndpoint
Base class for all Kubernetes objects in stdk8s.
Represents a single resource.
Initializers ¶
import org.cdk8s.plus29.Resource;
new Resource(Construct scope, java.lang.String id);
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
Methods ¶
asApiResource
¶
public asApiResource()
asNonApiResource
¶
public asNonApiResource()
Properties ¶
apiGroup
Required ¶
public java.lang.String getApiGroup();
- Type:
java.lang.String
The group portion of the API version (e.g. “authorization.k8s.io”).
apiVersion
Required ¶
public java.lang.String getApiVersion();
- Type:
java.lang.String
The object’s API version (e.g. “authorization.k8s.io/v1”).
kind
Required ¶
public java.lang.String getKind();
- Type:
java.lang.String
The object kind (e.g. “Deployment”).
metadata
Required ¶
public ApiObjectMetadataDefinition getMetadata();
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
The name of this API object.
permissions
Required ¶
public ResourcePermissions getPermissions();
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
resourceName
Optional ¶
public java.lang.String getResourceName();
- Type:
java.lang.String
The unique, namespace-global, name of an object inside the Kubernetes cluster.
If this is omitted, the ApiResource should represent all objects of the given type.
Role ¶
- Implements:
org.cdk8s.plus29.IRole
Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
Initializers ¶
import org.cdk8s.plus29.Role;
Role.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .rules(java.util.List<RolePolicyRule>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
rules
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.RolePolicyRule
> - Default: []
A list of rules the role should allow.
Methods ¶
allow
¶
public allow(java.util.List<java.lang.String> verbs, IApiResource resources)
verbs
Required ¶
- Type: java.util.List<
java.lang.String
>
resources
Required ¶
The resource(s) to apply to.
allowCreate
¶
public allowCreate(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowDelete
¶
public allowDelete(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowDeleteCollection
¶
public allowDeleteCollection(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowGet
¶
public allowGet(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowList
¶
public allowList(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowPatch
¶
public allowPatch(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowRead
¶
public allowRead(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowReadWrite
¶
public allowReadWrite(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowUpdate
¶
public allowUpdate(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
allowWatch
¶
public allowWatch(IApiResource resources)
resources
Required ¶
The resource(s) to apply to.
bind
¶
public bind(ISubject subjects)
subjects
Required ¶
a list of subjects to bind to.
Static Functions ¶
fromRoleName
¶
import org.cdk8s.plus29.Role;
Role.fromRoleName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
rules
Required ¶
public java.util.List<RolePolicyRule> getRules();
- Type: java.util.List<
org.cdk8s.plus29.RolePolicyRule
>
Rules associaated with this Role.
Returns a copy, use allow
to add rules.
RoleBinding ¶
A RoleBinding grants permissions within a specific namespace to a user or set of users.
Initializers ¶
import org.cdk8s.plus29.RoleBinding;
RoleBinding.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
.role(IRole)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
role
Required ¶
- Type:
org.cdk8s.plus29.IRole
The role to bind to.
A RoleBinding can reference a Role or a ClusterRole.
Methods ¶
addSubjects
¶
public addSubjects(ISubject subjects)
subjects
Required ¶
The subjects to add.
Properties ¶
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
role
Required ¶
public IRole getRole();
- Type:
org.cdk8s.plus29.IRole
subjects
Required ¶
public java.util.List<ISubject> getSubjects();
- Type: java.util.List<
org.cdk8s.plus29.ISubject
>
Secret ¶
- Implements:
org.cdk8s.plus29.ISecret
Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition or in a container image.
https://kubernetes.io/docs/concepts/configuration/secret
Initializers ¶
import org.cdk8s.plus29.Secret;
Secret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
// .stringData(java.util.Map<java.lang.String, java.lang.String>)
// .type(java.lang.String)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
stringData
Optional ¶
- Type: java.util.Map
java.lang.String>
stringData allows specifying non-binary secret data in string form.
It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.
type
Optional ¶
- Type:
java.lang.String
- Default: undefined - Don’t set a type.
Optional type associated with the secret.
Used to facilitate programmatic handling of secret data by various controllers.
Methods ¶
addStringData
¶
public addStringData(java.lang.String key, java.lang.String value)
key
Required ¶
- Type:
java.lang.String
Key.
value
Required ¶
- Type:
java.lang.String
Value.
envValue
¶
public envValue(java.lang.String key)
public envValue(java.lang.String key, EnvValueFromSecretOptions options)
key
Required ¶
- Type:
java.lang.String
options
Optional ¶
getStringData
¶
public getStringData(java.lang.String key)
key
Required ¶
- Type:
java.lang.String
Key.
Static Functions ¶
fromSecretName
¶
import org.cdk8s.plus29.Secret;
Secret.fromSecretName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
immutable
Required ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
Whether or not the secret is immutable.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
Service ¶
An abstract way to expose an application running on a set of Pods as a network service.
With Kubernetes you don’t need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
For example, consider a stateless image-processing backend which is running with 3 replicas. Those replicas are fungible—frontends do not care which backend they use. While the actual Pods that compose the backend set may change, the frontend clients should not need to be aware of that, nor should they need to keep track of the set of backends themselves. The Service abstraction enables this decoupling.
If you’re able to use Kubernetes APIs for service discovery in your application, you can query the API server for Endpoints, that get updated whenever the set of Pods in a Service changes. For non-native applications, Kubernetes offers ways to place a network port or load balancer in between your application and the backend Pods.
Initializers ¶
import org.cdk8s.plus29.Service;
Service.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .clusterIP(java.lang.String)
// .externalIPs(java.util.List<java.lang.String>)
// .externalName(java.lang.String)
// .loadBalancerSourceRanges(java.util.List<java.lang.String>)
// .ports(java.util.List<ServicePort>)
// .publishNotReadyAddresses(java.lang.Boolean)
// .selector(IPodSelector)
// .type(ServiceType)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
clusterIP
Optional ¶
- Type:
java.lang.String
- Default: Automatically assigned.
The IP address of the service and is usually assigned randomly by the master.
If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are “None”, empty string (“”), or a valid IP address. “None” can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName.
https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
externalIPs
Optional ¶
- Type: java.util.List<
java.lang.String
> - Default: No external IPs.
A list of IP addresses for which nodes in the cluster will also accept traffic for this service.
These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.
externalName
Optional ¶
- Type:
java.lang.String
- Default: No external name.
The externalName to be used when ServiceType.EXTERNAL_NAME is set.
loadBalancerSourceRanges
Optional ¶
- Type: java.util.List<
java.lang.String
>
A list of CIDR IP addresses, if specified and supported by the platform, will restrict traffic through the cloud-provider load-balancer to the specified client IPs.
More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
ports
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ServicePort
> - Default: either the selector ports, or none.
The ports this service binds to.
If the selector of the service is a managed pod / workload, its ports will are automatically extracted and used as the default value. Otherwise, no ports are bound.
publishNotReadyAddresses
Optional ¶
- Type:
java.lang.Boolean
- Default: false
The publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready.
More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#servicespec-v1-core
selector
Optional ¶
- Type:
org.cdk8s.plus29.IPodSelector
- Default: unset, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify.
Which pods should the service select and route to.
You can pass one of the following:
- An instance of
Pod
or any workload resource (e.gDeployment
,StatefulSet
, …) - Pods selected by the
Pods.select
function. Note that in this case only labels can be specified.
type
Optional ¶
- Type:
org.cdk8s.plus29.ServiceType
- Default: ServiceType.ClusterIP
Determines how the Service is exposed.
More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
Methods ¶
bind
¶
public bind(java.lang.Number port)
public bind(java.lang.Number port, ServiceBindOptions options)
port
Required ¶
- Type:
java.lang.Number
The port definition.
options
Optional ¶
exposeViaIngress
¶
public exposeViaIngress(java.lang.String path)
public exposeViaIngress(java.lang.String path, ExposeServiceViaIngressOptions options)
path
Required ¶
- Type:
java.lang.String
The path to expose the service under.
options
Optional ¶
Additional options.
select
¶
public select(IPodSelector selector)
selector
Required ¶
selectLabel
¶
public selectLabel(java.lang.String key, java.lang.String value)
key
Required ¶
- Type:
java.lang.String
value
Required ¶
- Type:
java.lang.String
Properties ¶
port
Required ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
Return the first port of the service.
ports
Required ¶
public java.util.List<ServicePort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.ServicePort
>
Ports for this service.
Use bind()
to bind additional service ports.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
type
Required ¶
public ServiceType getType();
Determines how the Service is exposed.
clusterIP
Optional ¶
public java.lang.String getClusterIP();
- Type:
java.lang.String
The IP address of the service and is usually assigned randomly by the master.
externalName
Optional ¶
public java.lang.String getExternalName();
- Type:
java.lang.String
The externalName to be used for EXTERNAL_NAME types.
ServiceAccount ¶
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
Initializers ¶
import org.cdk8s.plus29.ServiceAccount;
ServiceAccount.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountToken(java.lang.Boolean)
// .secrets(java.util.List<ISecret>)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether pods running as this service account should have an API token automatically mounted.
Can be overridden at the pod level.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
secrets
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ISecret
>
List of secrets allowed to be used by pods running using this ServiceAccount.
https://kubernetes.io/docs/concepts/configuration/secret
Methods ¶
addSecret
¶
public addSecret(ISecret secr)
secr
Required ¶
- Type:
org.cdk8s.plus29.ISecret
The secret.
toSubjectConfiguration
¶
public toSubjectConfiguration()
Static Functions ¶
fromServiceAccountName
¶
import org.cdk8s.plus29.ServiceAccount;
ServiceAccount.fromServiceAccountName(Construct scope, java.lang.String id, java.lang.String name)
ServiceAccount.fromServiceAccountName(Construct scope, java.lang.String id, java.lang.String name, FromServiceAccountNameOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
The name of the service account resource.
options
Optional ¶
additional options.
Properties ¶
automountToken
Required ¶
public java.lang.Boolean getAutomountToken();
- Type:
java.lang.Boolean
Whether or not a token is automatically mounted for this service account.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
secrets
Required ¶
public java.util.List<ISecret> getSecrets();
- Type: java.util.List<
org.cdk8s.plus29.ISecret
>
List of secrets allowed to be used by pods running using this service account.
Returns a copy. To add a secret, use addSecret()
.
ServiceAccountTokenSecret ¶
Create a secret for a service account token.
https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
Initializers ¶
import org.cdk8s.plus29.ServiceAccountTokenSecret;
ServiceAccountTokenSecret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.serviceAccount(IServiceAccount)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
serviceAccount
Required ¶
The service account to store a secret for.
SshAuthSecret ¶
Create a secret for ssh authentication.
https://kubernetes.io/docs/concepts/configuration/secret/#ssh-authentication-secrets
Initializers ¶
import org.cdk8s.plus29.SshAuthSecret;
SshAuthSecret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.sshPrivateKey(java.lang.String)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
sshPrivateKey
Required ¶
- Type:
java.lang.String
The SSH private key to use.
StatefulSet ¶
- Implements:
org.cdk8s.plus29.IScalable
StatefulSet is the workload API object used to manage stateful applications.
Manages the deployment and scaling of a set of Pods, and provides guarantees about the ordering and uniqueness of these Pods.
Like a Deployment, a StatefulSet manages Pods that are based on an identical container spec. Unlike a Deployment, a StatefulSet maintains a sticky identity for each of their Pods. These pods are created from the same spec, but are not interchangeable: each has a persistent identifier that it maintains across any rescheduling.
If you want to use storage volumes to provide persistence for your workload, you can use a StatefulSet as part of the solution. Although individual Pods in a StatefulSet are susceptible to failure, the persistent Pod identifiers make it easier to match existing volumes to the new Pods that replace any that have failed.
Using StatefulSets¶
StatefulSets are valuable for applications that require one or more of the following.
- Stable, unique network identifiers.
- Stable, persistent storage.
- Ordered, graceful deployment and scaling.
- Ordered, automated rolling updates.
Initializers ¶
import org.cdk8s.plus29.StatefulSet;
StatefulSet.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .minReady(Duration)
// .podManagementPolicy(PodManagementPolicy)
// .replicas(java.lang.Number)
// .service(Service)
// .strategy(StatefulSetUpdateStrategy)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
minReady
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(0)
Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
Zero means the pod will be considered available as soon as it is ready.
This is an alpha field and requires enabling StatefulSetMinReadySeconds feature gate.
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
podManagementPolicy
Optional ¶
- Type:
org.cdk8s.plus29.PodManagementPolicy
- Default: PodManagementPolicy.ORDERED_READY
Pod management policy to use for this statefulset.
replicas
Optional ¶
- Type:
java.lang.Number
- Default: 1
Number of desired pods.
service
Optional ¶
- Type:
org.cdk8s.plus29.Service
- Default: A new headless service will be created.
Service to associate with the statefulset.
strategy
Optional ¶
- Type:
org.cdk8s.plus29.StatefulSetUpdateStrategy
- Default: RollingUpdate with partition set to 0
Indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.
Methods ¶
markHasAutoscaler
¶
public markHasAutoscaler()
toScalingTarget
¶
public toScalingTarget()
Properties ¶
minReady
Required ¶
public Duration getMinReady();
- Type:
org.cdk8s.Duration
Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
podManagementPolicy
Required ¶
public PodManagementPolicy getPodManagementPolicy();
Management policy to use for the set.
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of a resource type as it appears in the relevant API endpoint.
service
Required ¶
public Service getService();
- Type:
org.cdk8s.plus29.Service
strategy
Required ¶
public StatefulSetUpdateStrategy getStrategy();
The update startegy of this stateful set.
replicas
Optional ¶
public java.lang.Number getReplicas();
- Type:
java.lang.Number
Number of desired pods.
hasAutoscaler
Required ¶
public java.lang.Boolean getHasAutoscaler();
- Type:
java.lang.Boolean
If this is a target of an autoscaler.
TlsSecret ¶
Create a secret for storing a TLS certificate and its associated key.
https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
Initializers ¶
import org.cdk8s.plus29.TlsSecret;
TlsSecret.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.tlsCert(java.lang.String)
.tlsKey(java.lang.String)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
tlsCert
Required ¶
- Type:
java.lang.String
The TLS cert.
tlsKey
Required ¶
- Type:
java.lang.String
The TLS key.
User ¶
- Implements:
org.cdk8s.plus29.ISubject
Represents a user.
Methods ¶
toSubjectConfiguration
¶
public toSubjectConfiguration()
Static Functions ¶
fromName
¶
import org.cdk8s.plus29.User;
User.fromName(Construct scope, java.lang.String id, java.lang.String name)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
Properties ¶
kind
Required ¶
public java.lang.String getKind();
- Type:
java.lang.String
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
apiGroup
Optional ¶
public java.lang.String getApiGroup();
- Type:
java.lang.String
Volume ¶
- Implements:
org.cdk8s.plus29.IStorage
Volume represents a named volume in a pod that may be accessed by any container in the pod.
Docker also has a concept of volumes, though it is somewhat looser and less managed. In Docker, a volume is simply a directory on disk or in another Container. Lifetimes are not managed and until very recently there were only local-disk-backed volumes. Docker now provides volume drivers, but the functionality is very limited for now (e.g. as of Docker 1.7 only one volume driver is allowed per Container and there is no way to pass parameters to volumes).
A Kubernetes volume, on the other hand, has an explicit lifetime - the same as the Pod that encloses it. Consequently, a volume outlives any Containers that run within the Pod, and data is preserved across Container restarts. Of course, when a Pod ceases to exist, the volume will cease to exist, too. Perhaps more importantly than this, Kubernetes supports many types of volumes, and a Pod can use any number of them simultaneously.
At its core, a volume is just a directory, possibly with some data in it, which is accessible to the Containers in a Pod. How that directory comes to be, the medium that backs it, and the contents of it are determined by the particular volume type used.
To use a volume, a Pod specifies what volumes to provide for the Pod (the .spec.volumes field) and where to mount those into Containers (the .spec.containers[*].volumeMounts field).
A process in a container sees a filesystem view composed from their Docker image and volumes. The Docker image is at the root of the filesystem hierarchy, and any volumes are mounted at the specified paths within the image. Volumes can not mount onto other volumes
Methods ¶
asVolume
¶
public asVolume()
Static Functions ¶
fromAwsElasticBlockStore
¶
import org.cdk8s.plus29.Volume;
Volume.fromAwsElasticBlockStore(Construct scope, java.lang.String id, java.lang.String volumeId)
Volume.fromAwsElasticBlockStore(Construct scope, java.lang.String id, java.lang.String volumeId, AwsElasticBlockStoreVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
volumeId
Required ¶
- Type:
java.lang.String
options
Optional ¶
fromAzureDisk
¶
import org.cdk8s.plus29.Volume;
Volume.fromAzureDisk(Construct scope, java.lang.String id, java.lang.String diskName, java.lang.String diskUri)
Volume.fromAzureDisk(Construct scope, java.lang.String id, java.lang.String diskName, java.lang.String diskUri, AzureDiskVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
diskName
Required ¶
- Type:
java.lang.String
diskUri
Required ¶
- Type:
java.lang.String
options
Optional ¶
fromConfigMap
¶
import org.cdk8s.plus29.Volume;
Volume.fromConfigMap(Construct scope, java.lang.String id, IConfigMap configMap)
Volume.fromConfigMap(Construct scope, java.lang.String id, IConfigMap configMap, ConfigMapVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
configMap
Required ¶
The config map to use to populate the volume.
options
Optional ¶
Options.
fromCsi
¶
import org.cdk8s.plus29.Volume;
Volume.fromCsi(Construct scope, java.lang.String id, java.lang.String driver)
Volume.fromCsi(Construct scope, java.lang.String id, java.lang.String driver, CsiVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
driver
Required ¶
- Type:
java.lang.String
The name of the CSI driver to use to populate the volume.
options
Optional ¶
Options for the CSI volume, including driver-specific ones.
fromEmptyDir
¶
import org.cdk8s.plus29.Volume;
Volume.fromEmptyDir(Construct scope, java.lang.String id, java.lang.String name)
Volume.fromEmptyDir(Construct scope, java.lang.String id, java.lang.String name, EmptyDirVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
options
Optional ¶
Additional options.
fromGcePersistentDisk
¶
import org.cdk8s.plus29.Volume;
Volume.fromGcePersistentDisk(Construct scope, java.lang.String id, java.lang.String pdName)
Volume.fromGcePersistentDisk(Construct scope, java.lang.String id, java.lang.String pdName, GCEPersistentDiskVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
pdName
Required ¶
- Type:
java.lang.String
options
Optional ¶
fromHostPath
¶
import org.cdk8s.plus29.Volume;
Volume.fromHostPath(Construct scope, java.lang.String id, java.lang.String name, HostPathVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
options
Required ¶
fromNfs
¶
import org.cdk8s.plus29.Volume;
Volume.fromNfs(Construct scope, java.lang.String id, java.lang.String name, NfsVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
name
Required ¶
- Type:
java.lang.String
options
Required ¶
fromPersistentVolumeClaim
¶
import org.cdk8s.plus29.Volume;
Volume.fromPersistentVolumeClaim(Construct scope, java.lang.String id, IPersistentVolumeClaim claim)
Volume.fromPersistentVolumeClaim(Construct scope, java.lang.String id, IPersistentVolumeClaim claim, PersistentVolumeClaimVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
claim
Required ¶
options
Optional ¶
fromSecret
¶
import org.cdk8s.plus29.Volume;
Volume.fromSecret(Construct scope, java.lang.String id, ISecret secr)
Volume.fromSecret(Construct scope, java.lang.String id, ISecret secr, SecretVolumeOptions options)
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
secr
Required ¶
- Type:
org.cdk8s.plus29.ISecret
The secret to use to populate the volume.
options
Optional ¶
Options.
Properties ¶
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
Workload ¶
A workload is an application running on Kubernetes.
Whether your workload is a single component or several that work together, on Kubernetes you run it inside a set of pods. In Kubernetes, a Pod represents a set of running containers on your cluster.
Initializers ¶
import org.cdk8s.plus29.Workload;
Workload.Builder.create(Construct scope, java.lang.String id)
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
.build();
scope
Required ¶
id
Required ¶
- Type:
java.lang.String
metadata
Optional ¶
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
The pod metadata of this workload.
select
Optional ¶
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
Methods ¶
select
¶
public select(LabelSelector selectors)
selectors
Required ¶
Properties ¶
connections
Required ¶
public PodConnections getConnections();
matchExpressions
Required ¶
public java.util.List<LabelSelectorRequirement> getMatchExpressions();
- Type: java.util.List<
org.cdk8s.plus29.LabelSelectorRequirement
>
The expression matchers this workload will use in order to select pods.
Returns a a copy. Use select()
to add expression matchers.
matchLabels
Required ¶
public java.util.Map<java.lang.String, java.lang.String> getMatchLabels();
- Type: java.util.Map
java.lang.String>
The label matchers this workload will use in order to select pods.
Returns a a copy. Use select()
to add label matchers.
podMetadata
Required ¶
public ApiObjectMetadataDefinition getPodMetadata();
The metadata of pods in this workload.
scheduling
Required ¶
public WorkloadScheduling getScheduling();
Structs ¶
AbstractPodProps ¶
Properties for AbstractPod
.
Initializer ¶
import org.cdk8s.plus29.AbstractPodProps;
AbstractPodProps.builder()
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
public java.util.List<ContainerProps> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
public PodDnsProps getDns();
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
public java.util.List<ContainerProps> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
public java.lang.Boolean getIsolate();
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
public PodSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
AddDeploymentOptions ¶
Options to add a deployment to a service.
Initializer ¶
import org.cdk8s.plus29.AddDeploymentOptions;
AddDeploymentOptions.builder()
// .name(java.lang.String)
// .nodePort(java.lang.Number)
// .protocol(Protocol)
// .targetPort(java.lang.Number)
// .port(java.lang.Number)
.build();
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
The name of this port within the service.
This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the ‘Name’ field in EndpointPort objects. Optional if only one ServicePort is defined on this service.
nodePort
Optional ¶
public java.lang.Number getNodePort();
- Type:
java.lang.Number
- Default: auto-allocate a port if the ServiceType of this Service requires one.
The port on each node on which this service is exposed when type=NodePort or LoadBalancer.
Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
protocol
Optional ¶
public Protocol getProtocol();
- Type:
org.cdk8s.plus29.Protocol
- Default: Protocol.TCP
The IP protocol for this port.
Supports “TCP”, “UDP”, and “SCTP”. Default is TCP.
targetPort
Optional ¶
public java.lang.Number getTargetPort();
- Type:
java.lang.Number
- Default: The value of
port
will be used.
The port number the service will redirect to.
port
Optional ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
- Default: Copied from the first container of the deployment.
The port number the service will bind to.
AddDirectoryOptions ¶
Options for configmap.addDirectory()
.
Initializer ¶
import org.cdk8s.plus29.AddDirectoryOptions;
AddDirectoryOptions.builder()
// .exclude(java.util.List<java.lang.String>)
// .keyPrefix(java.lang.String)
.build();
exclude
Optional ¶
public java.util.List<java.lang.String> getExclude();
- Type: java.util.List<
java.lang.String
> - Default: include all files
Glob patterns to exclude when adding files.
keyPrefix
Optional ¶
public java.lang.String getKeyPrefix();
- Type:
java.lang.String
- Default: “”
A prefix to add to all keys in the config map.
ApiResourceOptions ¶
Options for ApiResource
.
Initializer ¶
import org.cdk8s.plus29.ApiResourceOptions;
ApiResourceOptions.builder()
.apiGroup(java.lang.String)
.resourceType(java.lang.String)
.build();
apiGroup
Required ¶
public java.lang.String getApiGroup();
- Type:
java.lang.String
The group portion of the API version (e.g. authorization.k8s.io
).
resourceType
Required ¶
public java.lang.String getResourceType();
- Type:
java.lang.String
The name of the resource type as it appears in the relevant API endpoint.
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources
AwsElasticBlockStorePersistentVolumeProps ¶
Properties for AwsElasticBlockStorePersistentVolume
.
Initializer ¶
import org.cdk8s.plus29.AwsElasticBlockStorePersistentVolumeProps;
AwsElasticBlockStorePersistentVolumeProps.builder()
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.volumeId(java.lang.String)
// .fsType(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
public java.util.List<PersistentVolumeAccessMode> getAccessModes();
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
public IPersistentVolumeClaim getClaim();
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
public java.util.List<java.lang.String> getMountOptions();
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
public PersistentVolumeReclaimPolicy getReclaimPolicy();
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
public Size getStorage();
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
public java.lang.String getStorageClassName();
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
public PersistentVolumeMode getVolumeMode();
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
volumeId
Required ¶
public java.lang.String getVolumeId();
- Type:
java.lang.String
Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
AwsElasticBlockStoreVolumeOptions ¶
Options of Volume.fromAwsElasticBlockStore
.
Initializer ¶
import org.cdk8s.plus29.AwsElasticBlockStoreVolumeOptions;
AwsElasticBlockStoreVolumeOptions.builder()
// .fsType(java.lang.String)
// .name(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto-generated
The volume name.
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
AzureDiskPersistentVolumeProps ¶
Properties for AzureDiskPersistentVolume
.
Initializer ¶
import org.cdk8s.plus29.AzureDiskPersistentVolumeProps;
AzureDiskPersistentVolumeProps.builder()
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.diskName(java.lang.String)
.diskUri(java.lang.String)
// .cachingMode(AzureDiskPersistentVolumeCachingMode)
// .fsType(java.lang.String)
// .kind(AzureDiskPersistentVolumeKind)
// .readOnly(java.lang.Boolean)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
public java.util.List<PersistentVolumeAccessMode> getAccessModes();
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
public IPersistentVolumeClaim getClaim();
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
public java.util.List<java.lang.String> getMountOptions();
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
public PersistentVolumeReclaimPolicy getReclaimPolicy();
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
public Size getStorage();
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
public java.lang.String getStorageClassName();
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
public PersistentVolumeMode getVolumeMode();
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
diskName
Required ¶
public java.lang.String getDiskName();
- Type:
java.lang.String
The Name of the data disk in the blob storage.
diskUri
Required ¶
public java.lang.String getDiskUri();
- Type:
java.lang.String
The URI the data disk in the blob storage.
cachingMode
Optional ¶
public AzureDiskPersistentVolumeCachingMode getCachingMode();
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeCachingMode
- Default: AzureDiskPersistentVolumeCachingMode.NONE.
Host Caching mode.
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
kind
Optional ¶
public AzureDiskPersistentVolumeKind getKind();
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeKind
- Default: AzureDiskPersistentVolumeKind.SHARED
Kind of disk.
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Force the ReadOnly setting in VolumeMounts.
AzureDiskVolumeOptions ¶
Options of Volume.fromAzureDisk
.
Initializer ¶
import org.cdk8s.plus29.AzureDiskVolumeOptions;
AzureDiskVolumeOptions.builder()
// .cachingMode(AzureDiskPersistentVolumeCachingMode)
// .fsType(java.lang.String)
// .kind(AzureDiskPersistentVolumeKind)
// .name(java.lang.String)
// .readOnly(java.lang.Boolean)
.build();
cachingMode
Optional ¶
public AzureDiskPersistentVolumeCachingMode getCachingMode();
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeCachingMode
- Default: AzureDiskPersistentVolumeCachingMode.NONE.
Host Caching mode.
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
kind
Optional ¶
public AzureDiskPersistentVolumeKind getKind();
- Type:
org.cdk8s.plus29.AzureDiskPersistentVolumeKind
- Default: AzureDiskPersistentVolumeKind.SHARED
Kind of disk.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto-generated
The volume name.
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Force the ReadOnly setting in VolumeMounts.
BasicAuthSecretProps ¶
Options for BasicAuthSecret
.
Initializer ¶
import org.cdk8s.plus29.BasicAuthSecretProps;
BasicAuthSecretProps.builder()
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.password(java.lang.String)
.username(java.lang.String)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
password
Required ¶
public java.lang.String getPassword();
- Type:
java.lang.String
The password or token for authentication.
username
Required ¶
public java.lang.String getUsername();
- Type:
java.lang.String
The user name for authentication.
ClusterRoleBindingProps ¶
Properties for ClusterRoleBinding
.
Initializer ¶
import org.cdk8s.plus29.ClusterRoleBindingProps;
ClusterRoleBindingProps.builder()
// .metadata(ApiObjectMetadata)
.role(IClusterRole)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
role
Required ¶
public IClusterRole getRole();
The role to bind to.
ClusterRolePolicyRule ¶
Policy rule of a `ClusterRole.
Initializer ¶
import org.cdk8s.plus29.ClusterRolePolicyRule;
ClusterRolePolicyRule.builder()
.endpoints(java.util.List<IApiEndpoint>)
.verbs(java.util.List<java.lang.String>)
.build();
endpoints
Required ¶
public java.util.List<IApiEndpoint> getEndpoints();
- Type: java.util.List<
org.cdk8s.plus29.IApiEndpoint
>
Endpoints this rule applies to.
Can be either api resources or non api resources.
verbs
Required ¶
public java.util.List<java.lang.String> getVerbs();
- Type: java.util.List<
java.lang.String
>
Verbs to allow.
(e.g [‘get’, ‘watch’])
ClusterRoleProps ¶
Properties for ClusterRole
.
Initializer ¶
import org.cdk8s.plus29.ClusterRoleProps;
ClusterRoleProps.builder()
// .metadata(ApiObjectMetadata)
// .aggregationLabels(java.util.Map<java.lang.String, java.lang.String>)
// .rules(java.util.List<ClusterRolePolicyRule>)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
aggregationLabels
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getAggregationLabels();
- Type: java.util.Map
java.lang.String>
Specify labels that should be used to locate ClusterRoles, whose rules will be automatically filled into this ClusterRole’s rules.
rules
Optional ¶
public java.util.List<ClusterRolePolicyRule> getRules();
- Type: java.util.List<
org.cdk8s.plus29.ClusterRolePolicyRule
> - Default: []
A list of rules the role should allow.
CommandProbeOptions ¶
Options for Probe.fromCommand()
.
Initializer ¶
import org.cdk8s.plus29.CommandProbeOptions;
CommandProbeOptions.builder()
// .failureThreshold(java.lang.Number)
// .initialDelaySeconds(Duration)
// .periodSeconds(Duration)
// .successThreshold(java.lang.Number)
// .timeoutSeconds(Duration)
.build();
failureThreshold
Optional ¶
public java.lang.Number getFailureThreshold();
- Type:
java.lang.Number
- Default: 3
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
initialDelaySeconds
Optional ¶
public Duration getInitialDelaySeconds();
- Type:
org.cdk8s.Duration
- Default: immediate
Number of seconds after the container has started before liveness probes are initiated.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
periodSeconds
Optional ¶
public Duration getPeriodSeconds();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(10) Minimum value is 1.
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
successThreshold
Optional ¶
public java.lang.Number getSuccessThreshold();
- Type:
java.lang.Number
- Default: 1 Must be 1 for liveness and startup. Minimum value is 1.
Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.
Must be 1 for liveness and startup. Minimum value is 1.
timeoutSeconds
Optional ¶
public Duration getTimeoutSeconds();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(1)
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
CommonSecretProps ¶
Common properties for Secret
.
Initializer ¶
import org.cdk8s.plus29.CommonSecretProps;
CommonSecretProps.builder()
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
ConfigMapProps ¶
Properties for initialization of ConfigMap
.
Initializer ¶
import org.cdk8s.plus29.ConfigMapProps;
ConfigMapProps.builder()
// .metadata(ApiObjectMetadata)
// .binaryData(java.util.Map<java.lang.String, java.lang.String>)
// .data(java.util.Map<java.lang.String, java.lang.String>)
// .immutable(java.lang.Boolean)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
binaryData
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getBinaryData();
- Type: java.util.Map
java.lang.String>
BinaryData contains the binary data.
Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process.
You can also add binary data using configMap.addBinaryData()
.
data
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getData();
- Type: java.util.Map
java.lang.String>
Data contains the configuration data.
Each key must consist of alphanumeric characters, ‘-‘, ‘_’ or ‘.’. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.
You can also add data using configMap.addData()
.
immutable
Optional ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
ConfigMapVolumeOptions ¶
Options for the ConfigMap-based volume.
Initializer ¶
import org.cdk8s.plus29.ConfigMapVolumeOptions;
ConfigMapVolumeOptions.builder()
// .defaultMode(java.lang.Number)
// .items(java.util.Map<java.lang.String, PathMapping>)
// .name(java.lang.String)
// .optional(java.lang.Boolean)
.build();
defaultMode
Optional ¶
public java.lang.Number getDefaultMode();
- Type:
java.lang.Number
- Default: 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
Mode bits to use on created files by default.
Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
items
Optional ¶
public java.util.Map<java.lang.String, PathMapping> getItems();
- Type: java.util.Map
klzzwxh:12741> - Default: no mapping
If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value.
If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto-generated
The volume name.
optional
Optional ¶
public java.lang.Boolean getOptional();
- Type:
java.lang.Boolean
- Default: undocumented
Specify whether the ConfigMap or its keys must be defined.
ContainerLifecycle ¶
Container lifecycle properties.
Initializer ¶
import org.cdk8s.plus29.ContainerLifecycle;
ContainerLifecycle.builder()
// .postStart(Handler)
// .preStop(Handler)
.build();
postStart
Optional ¶
public Handler getPostStart();
- Type:
org.cdk8s.plus29.Handler
- Default: No post start handler.
This hook is executed immediately after a container is created.
However, there is no guarantee that the hook will execute before the container ENTRYPOINT.
preStop
Optional ¶
public Handler getPreStop();
- Type:
org.cdk8s.plus29.Handler
- Default: No pre stop handler.
This hook is called immediately before a container is terminated due to an API request or management event such as a liveness/startup probe failure, preemption, resource contention and others.
A call to the PreStop hook fails if the container is already in a terminated or completed state and the hook must complete before the TERM signal to stop the container can be sent. The Pod’s termination grace period countdown begins before the PreStop hook is executed, so regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period. No parameters are passed to the handler.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination
ContainerOpts ¶
Optional properties of a container.
Initializer ¶
import org.cdk8s.plus29.ContainerOpts;
ContainerOpts.builder()
// .args(java.util.List<java.lang.String>)
// .command(java.util.List<java.lang.String>)
// .envFrom(java.util.List<EnvFrom>)
// .envVariables(java.util.Map<java.lang.String, EnvValue>)
// .imagePullPolicy(ImagePullPolicy)
// .lifecycle(ContainerLifecycle)
// .liveness(Probe)
// .name(java.lang.String)
// .port(java.lang.Number)
// .portNumber(java.lang.Number)
// .ports(java.util.List<ContainerPort>)
// .readiness(Probe)
// .resources(ContainerResources)
// .restartPolicy(ContainerRestartPolicy)
// .securityContext(ContainerSecurityContextProps)
// .startup(Probe)
// .volumeMounts(java.util.List<VolumeMount>)
// .workingDir(java.lang.String)
.build();
args
Optional ¶
public java.util.List<java.lang.String> getArgs();
- Type: java.util.List<
java.lang.String
> - Default: []
Arguments to the entrypoint. The docker image’s CMD is used if command
is not provided.
Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.
Cannot be updated.
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
command
Optional ¶
public java.util.List<java.lang.String> getCommand();
- Type: java.util.List<
java.lang.String
> - Default: The docker image’s ENTRYPOINT.
Entrypoint array.
Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
envFrom
Optional ¶
public java.util.List<EnvFrom> getEnvFrom();
- Type: java.util.List<
org.cdk8s.plus29.EnvFrom
> - Default: No sources.
List of sources to populate environment variables in the container.
When a key exists in multiple sources, the value associated with
the last source will take precedence. Values defined by the envVariables
property
with a duplicate key will take precedence.
envVariables
Optional ¶
public java.util.Map<java.lang.String, EnvValue> getEnvVariables();
- Type: java.util.Map
klzzwxh:12712> - Default: No environment variables.
Environment variables to set in the container.
imagePullPolicy
Optional ¶
public ImagePullPolicy getImagePullPolicy();
- Type:
org.cdk8s.plus29.ImagePullPolicy
- Default: ImagePullPolicy.ALWAYS
Image pull policy for this container.
lifecycle
Optional ¶
public ContainerLifecycle getLifecycle();
Describes actions that the management system should take in response to container lifecycle events.
liveness
Optional ¶
public Probe getLiveness();
- Type:
org.cdk8s.plus29.Probe
- Default: no liveness probe is defined
Periodic probe of container liveness.
Container will be restarted if the probe fails.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: ‘main’
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
~~port
~~Optional ¶
- Deprecated: - use
portNumber
.
public java.lang.Number getPort();
- Type:
java.lang.Number
portNumber
Optional ¶
public java.lang.Number getPortNumber();
- Type:
java.lang.Number
- Default: Only the ports mentiond in the
ports
property are exposed.
Number of port to expose on the pod’s IP address.
This must be a valid port number, 0 < x < 65536.
This is a convinience property if all you need a single TCP numbered port.
In case more advanced configuartion is required, use the ports
property.
This port is added to the list of ports mentioned in the ports
property.
ports
Optional ¶
public java.util.List<ContainerPort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.ContainerPort
> - Default: Only the port mentioned in the
portNumber
property is exposed.
List of ports to expose from this container.
readiness
Optional ¶
public Probe getReadiness();
- Type:
org.cdk8s.plus29.Probe
- Default: no readiness probe is defined
Determines when the container is ready to serve traffic.
resources
Optional ¶
public ContainerResources getResources();
- Type:
org.cdk8s.plus29.ContainerResources
- Default: cpu: request: 1000 millis limit: 1500 millis memory: request: 512 mebibytes limit: 2048 mebibytes
Compute resources (CPU and memory requests and limits) required by the container.
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
restartPolicy
Optional ¶
public ContainerRestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.ContainerRestartPolicy
- Default: no restart policy is defined and the pod restart policy is applied
Kubelet will start init containers with restartPolicy=Always in the order with other init containers, but instead of waiting for its completion, it will wait for the container startup completion Currently, only accepted value is Always.
https://kubernetes.io/docs/concepts/workloads/pods/sidecar-containers/
securityContext
Optional ¶
public ContainerSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.ContainerSecurityContextProps
- Default: ensureNonRoot: true privileged: false readOnlyRootFilesystem: true allowPrivilegeEscalation: false user: 25000 group: 26000
SecurityContext defines the security options the container should be run with.
If set, the fields override equivalent fields of the pod’s security context.
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
startup
Optional ¶
public Probe getStartup();
- Type:
org.cdk8s.plus29.Probe
- Default: If a port is provided, then knocks on that port to determine when the container is ready for readiness and liveness probe checks. Otherwise, no startup probe is defined.
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully
volumeMounts
Optional ¶
public java.util.List<VolumeMount> getVolumeMounts();
- Type: java.util.List<
org.cdk8s.plus29.VolumeMount
>
Pod volumes to mount into the container’s filesystem.
Cannot be updated.
workingDir
Optional ¶
public java.lang.String getWorkingDir();
- Type:
java.lang.String
- Default: The container runtime’s default.
Container’s working directory.
If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.
ContainerPort ¶
Represents a network port in a single container.
Initializer ¶
import org.cdk8s.plus29.ContainerPort;
ContainerPort.builder()
.number(java.lang.Number)
// .hostIp(java.lang.String)
// .hostPort(java.lang.Number)
// .name(java.lang.String)
// .protocol(Protocol)
.build();
number
Required ¶
public java.lang.Number getNumber();
- Type:
java.lang.Number
Number of port to expose on the pod’s IP address.
This must be a valid port number, 0 < x < 65536.
hostIp
Optional ¶
public java.lang.String getHostIp();
- Type:
java.lang.String
- Default: 127.0.0.1.
What host IP to bind the external port to.
hostPort
Optional ¶
public java.lang.Number getHostPort();
- Type:
java.lang.Number
- Default: auto generated by kubernetes and might change on restarts.
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536. Most containers do not need this.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: port is not named.
If specified, this must be an IANA_SVC_NAME and unique within the pod.
Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
protocol
Optional ¶
public Protocol getProtocol();
- Type:
org.cdk8s.plus29.Protocol
- Default: Protocol.TCP
Protocol for port.
Must be UDP, TCP, or SCTP. Defaults to “TCP”.
ContainerProps ¶
Properties for creating a container.
Initializer ¶
import org.cdk8s.plus29.ContainerProps;
ContainerProps.builder()
// .args(java.util.List<java.lang.String>)
// .command(java.util.List<java.lang.String>)
// .envFrom(java.util.List<EnvFrom>)
// .envVariables(java.util.Map<java.lang.String, EnvValue>)
// .imagePullPolicy(ImagePullPolicy)
// .lifecycle(ContainerLifecycle)
// .liveness(Probe)
// .name(java.lang.String)
// .port(java.lang.Number)
// .portNumber(java.lang.Number)
// .ports(java.util.List<ContainerPort>)
// .readiness(Probe)
// .resources(ContainerResources)
// .restartPolicy(ContainerRestartPolicy)
// .securityContext(ContainerSecurityContextProps)
// .startup(Probe)
// .volumeMounts(java.util.List<VolumeMount>)
// .workingDir(java.lang.String)
.image(java.lang.String)
.build();
args
Optional ¶
public java.util.List<java.lang.String> getArgs();
- Type: java.util.List<
java.lang.String
> - Default: []
Arguments to the entrypoint. The docker image’s CMD is used if command
is not provided.
Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.
Cannot be updated.
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
command
Optional ¶
public java.util.List<java.lang.String> getCommand();
- Type: java.util.List<
java.lang.String
> - Default: The docker image’s ENTRYPOINT.
Entrypoint array.
Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
envFrom
Optional ¶
public java.util.List<EnvFrom> getEnvFrom();
- Type: java.util.List<
org.cdk8s.plus29.EnvFrom
> - Default: No sources.
List of sources to populate environment variables in the container.
When a key exists in multiple sources, the value associated with
the last source will take precedence. Values defined by the envVariables
property
with a duplicate key will take precedence.
envVariables
Optional ¶
public java.util.Map<java.lang.String, EnvValue> getEnvVariables();
- Type: java.util.Map
klzzwxh:12629> - Default: No environment variables.
Environment variables to set in the container.
imagePullPolicy
Optional ¶
public ImagePullPolicy getImagePullPolicy();
- Type:
org.cdk8s.plus29.ImagePullPolicy
- Default: ImagePullPolicy.ALWAYS
Image pull policy for this container.
lifecycle
Optional ¶
public ContainerLifecycle getLifecycle();
Describes actions that the management system should take in response to container lifecycle events.
liveness
Optional ¶
public Probe getLiveness();
- Type:
org.cdk8s.plus29.Probe
- Default: no liveness probe is defined
Periodic probe of container liveness.
Container will be restarted if the probe fails.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: ‘main’
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
~~port
~~Optional ¶
- Deprecated: - use
portNumber
.
public java.lang.Number getPort();
- Type:
java.lang.Number
portNumber
Optional ¶
public java.lang.Number getPortNumber();
- Type:
java.lang.Number
- Default: Only the ports mentiond in the
ports
property are exposed.
Number of port to expose on the pod’s IP address.
This must be a valid port number, 0 < x < 65536.
This is a convinience property if all you need a single TCP numbered port.
In case more advanced configuartion is required, use the ports
property.
This port is added to the list of ports mentioned in the ports
property.
ports
Optional ¶
public java.util.List<ContainerPort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.ContainerPort
> - Default: Only the port mentioned in the
portNumber
property is exposed.
List of ports to expose from this container.
readiness
Optional ¶
public Probe getReadiness();
- Type:
org.cdk8s.plus29.Probe
- Default: no readiness probe is defined
Determines when the container is ready to serve traffic.
resources
Optional ¶
public ContainerResources getResources();
- Type:
org.cdk8s.plus29.ContainerResources
- Default: cpu: request: 1000 millis limit: 1500 millis memory: request: 512 mebibytes limit: 2048 mebibytes
Compute resources (CPU and memory requests and limits) required by the container.
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
restartPolicy
Optional ¶
public ContainerRestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.ContainerRestartPolicy
- Default: no restart policy is defined and the pod restart policy is applied
Kubelet will start init containers with restartPolicy=Always in the order with other init containers, but instead of waiting for its completion, it will wait for the container startup completion Currently, only accepted value is Always.
https://kubernetes.io/docs/concepts/workloads/pods/sidecar-containers/
securityContext
Optional ¶
public ContainerSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.ContainerSecurityContextProps
- Default: ensureNonRoot: true privileged: false readOnlyRootFilesystem: true allowPrivilegeEscalation: false user: 25000 group: 26000
SecurityContext defines the security options the container should be run with.
If set, the fields override equivalent fields of the pod’s security context.
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
startup
Optional ¶
public Probe getStartup();
- Type:
org.cdk8s.plus29.Probe
- Default: If a port is provided, then knocks on that port to determine when the container is ready for readiness and liveness probe checks. Otherwise, no startup probe is defined.
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully
volumeMounts
Optional ¶
public java.util.List<VolumeMount> getVolumeMounts();
- Type: java.util.List<
org.cdk8s.plus29.VolumeMount
>
Pod volumes to mount into the container’s filesystem.
Cannot be updated.
workingDir
Optional ¶
public java.lang.String getWorkingDir();
- Type:
java.lang.String
- Default: The container runtime’s default.
Container’s working directory.
If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.
image
Required ¶
public java.lang.String getImage();
- Type:
java.lang.String
Docker image name.
ContainerResources ¶
CPU and memory compute resources.
Initializer ¶
import org.cdk8s.plus29.ContainerResources;
ContainerResources.builder()
// .cpu(CpuResources)
// .ephemeralStorage(EphemeralStorageResources)
// .memory(MemoryResources)
.build();
cpu
Optional ¶
public CpuResources getCpu();
ephemeralStorage
Optional ¶
public EphemeralStorageResources getEphemeralStorage();
memory
Optional ¶
public MemoryResources getMemory();
ContainerSecurityContextProps ¶
Properties for ContainerSecurityContext
.
Initializer ¶
import org.cdk8s.plus29.ContainerSecurityContextProps;
ContainerSecurityContextProps.builder()
// .allowPrivilegeEscalation(java.lang.Boolean)
// .capabilities(ContainerSecutiryContextCapabilities)
// .ensureNonRoot(java.lang.Boolean)
// .group(java.lang.Number)
// .privileged(java.lang.Boolean)
// .readOnlyRootFilesystem(java.lang.Boolean)
// .seccompProfile(SeccompProfile)
// .user(java.lang.Number)
.build();
allowPrivilegeEscalation
Optional ¶
public java.lang.Boolean getAllowPrivilegeEscalation();
- Type:
java.lang.Boolean
- Default: false
Whether a process can gain more privileges than its parent process.
capabilities
Optional ¶
public ContainerSecutiryContextCapabilities getCapabilities();
- Type:
org.cdk8s.plus29.ContainerSecutiryContextCapabilities
- Default: none
POSIX capabilities for running containers.
ensureNonRoot
Optional ¶
public java.lang.Boolean getEnsureNonRoot();
- Type:
java.lang.Boolean
- Default: true
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does.
group
Optional ¶
public java.lang.Number getGroup();
- Type:
java.lang.Number
- Default: 26000. An arbitrary number bigger than 9999 is selected here. This is so that the container is blocked to access host files even if somehow it manages to get access to host file system.
The GID to run the entrypoint of the container process.
privileged
Optional ¶
public java.lang.Boolean getPrivileged();
- Type:
java.lang.Boolean
- Default: false
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
readOnlyRootFilesystem
Optional ¶
public java.lang.Boolean getReadOnlyRootFilesystem();
- Type:
java.lang.Boolean
- Default: true
Whether this container has a read-only root filesystem.
seccompProfile
Optional ¶
public SeccompProfile getSeccompProfile();
- Type:
org.cdk8s.plus29.SeccompProfile
- Default: none
Container’s seccomp profile settings.
Only one profile source may be set
user
Optional ¶
public java.lang.Number getUser();
- Type:
java.lang.Number
- Default: 25000. An arbitrary number bigger than 9999 is selected here. This is so that the container is blocked to access host files even if somehow it manages to get access to host file system.
The UID to run the entrypoint of the container process.
ContainerSecutiryContextCapabilities ¶
Initializer ¶
import org.cdk8s.plus29.ContainerSecutiryContextCapabilities;
ContainerSecutiryContextCapabilities.builder()
// .add(java.util.List<Capability>)
// .drop(java.util.List<Capability>)
.build();
add
Optional ¶
public java.util.List<Capability> getAdd();
- Type: java.util.List<
org.cdk8s.plus29.Capability
>
Added capabilities.
drop
Optional ¶
public java.util.List<Capability> getDrop();
- Type: java.util.List<
org.cdk8s.plus29.Capability
>
Removed capabilities.
CpuResources ¶
CPU request and limit.
Initializer ¶
import org.cdk8s.plus29.CpuResources;
CpuResources.builder()
// .limit(Cpu)
// .request(Cpu)
.build();
limit
Optional ¶
public Cpu getLimit();
- Type:
org.cdk8s.plus29.Cpu
request
Optional ¶
public Cpu getRequest();
- Type:
org.cdk8s.plus29.Cpu
CronJobProps ¶
Properties for CronJob
.
Initializer ¶
import org.cdk8s.plus29.CronJobProps;
CronJobProps.builder()
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .activeDeadline(Duration)
// .backoffLimit(java.lang.Number)
// .ttlAfterFinished(Duration)
.schedule(Cron)
// .concurrencyPolicy(ConcurrencyPolicy)
// .failedJobsRetained(java.lang.Number)
// .startingDeadline(Duration)
// .successfulJobsRetained(java.lang.Number)
// .suspend(java.lang.Boolean)
// .timeZone(java.lang.String)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
public java.util.List<ContainerProps> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
public PodDnsProps getDns();
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
public java.util.List<ContainerProps> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
public java.lang.Boolean getIsolate();
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
public PodSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
public ApiObjectMetadata getPodMetadata();
The pod metadata of this workload.
select
Optional ¶
public java.lang.Boolean getSelect();
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
public java.lang.Boolean getSpread();
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
activeDeadline
Optional ¶
public Duration getActiveDeadline();
- Type:
org.cdk8s.Duration
- Default: If unset, then there is no deadline.
Specifies the duration the job may be active before the system tries to terminate it.
backoffLimit
Optional ¶
public java.lang.Number getBackoffLimit();
- Type:
java.lang.Number
- Default: If not set, system defaults to 6.
Specifies the number of retries before marking this job failed.
ttlAfterFinished
Optional ¶
public Duration getTtlAfterFinished();
- Type:
org.cdk8s.Duration
- Default: If this field is unset, the Job won’t be automatically deleted.
Limits the lifetime of a Job that has finished execution (either Complete or Failed).
If this field is set, after the Job finishes, it is eligible to
be automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes. This
field is alpha-level and is only honored by servers that enable the
TTLAfterFinished
feature.
schedule
Required ¶
public Cron getSchedule();
- Type:
org.cdk8s.Cron
Specifies the time in which the job would run again.
This is defined as a cron expression in the CronJob resource.
concurrencyPolicy
Optional ¶
public ConcurrencyPolicy getConcurrencyPolicy();
- Type:
org.cdk8s.plus29.ConcurrencyPolicy
- Default: ConcurrencyPolicy.Forbid
Specifies the concurrency policy for the job.
failedJobsRetained
Optional ¶
public java.lang.Number getFailedJobsRetained();
- Type:
java.lang.Number
- Default: 1
Specifies the number of failed jobs history retained.
This would retain the Job and the associated Pod resource and can be useful for debugging.
startingDeadline
Optional ¶
public Duration getStartingDeadline();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(10)
Kubernetes attempts to start cron jobs at its schedule time, but this is not guaranteed.
This deadline specifies how much time can pass after a schedule point, for which kubernetes can still start the job. For example, if this is set to 100 seconds, kubernetes is allowed to start the job at a maximum 100 seconds after the scheduled time.
Note that the Kubernetes CronJobController checks for things every 10 seconds, for this reason, a deadline below 10 seconds is not allowed, as it may cause your job to never be scheduled.
In addition, kubernetes will stop scheduling jobs if more than 100 schedules were missed (for any reason). This property also controls what time interval should kubernetes consider when counting for missed schedules.
For example, suppose a CronJob is set to schedule a new Job every one minute beginning at 08:30:00,
and its startingDeadline
field is not set. If the CronJob controller happens to be down from 08:29:00 to 10:21:00,
the job will not start as the number of missed jobs which missed their schedule is greater than 100.
However, if startingDeadline
is set to 200 seconds, kubernetes will only count 3 missed schedules, and thus
start a new execution at 10:22:00.
successfulJobsRetained
Optional ¶
public java.lang.Number getSuccessfulJobsRetained();
- Type:
java.lang.Number
- Default: 3
Specifies the number of successful jobs history retained.
This would retain the Job and the associated Pod resource and can be useful for debugging.
suspend
Optional ¶
public java.lang.Boolean getSuspend();
- Type:
java.lang.Boolean
- Default: false
Specifies if the cron job should be suspended.
Only applies to future executions, current ones are remained untouched.
timeZone
Optional ¶
public java.lang.String getTimeZone();
- Type:
java.lang.String
- Default: Timezone of kube-controller-manager process.
Specifies the timezone for the job.
This helps aligining the schedule to follow the specified timezone.
{@link https://en.wikipedia.org/wiki/List_of_tz_database_time_zones} for list of valid timezone values.
CsiVolumeOptions ¶
Options for the CSI driver based volume.
Initializer ¶
import org.cdk8s.plus29.CsiVolumeOptions;
CsiVolumeOptions.builder()
// .attributes(java.util.Map<java.lang.String, java.lang.String>)
// .fsType(java.lang.String)
// .name(java.lang.String)
// .readOnly(java.lang.Boolean)
.build();
attributes
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getAttributes();
- Type: java.util.Map
java.lang.String> - Default: undefined
Any driver-specific attributes to pass to the CSI volume builder.
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: driver-dependent
The filesystem type to mount.
Ex. “ext4”, “xfs”, “ntfs”. If not provided, the empty value is passed to the associated CSI driver, which will determine the default filesystem to apply.
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto-generated
The volume name.
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Whether the mounted volume should be read-only or not.
DaemonSetProps ¶
Properties for DaemonSet
.
Initializer ¶
import org.cdk8s.plus29.DaemonSetProps;
DaemonSetProps.builder()
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .minReadySeconds(java.lang.Number)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
public java.util.List<ContainerProps> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
public PodDnsProps getDns();
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
public java.util.List<ContainerProps> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
public java.lang.Boolean getIsolate();
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
public PodSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
public ApiObjectMetadata getPodMetadata();
The pod metadata of this workload.
select
Optional ¶
public java.lang.Boolean getSelect();
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
public java.lang.Boolean getSpread();
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
minReadySeconds
Optional ¶
public java.lang.Number getMinReadySeconds();
- Type:
java.lang.Number
- Default: 0
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
DeploymentExposeViaServiceOptions ¶
Options for Deployment.exposeViaService
.
Initializer ¶
import org.cdk8s.plus29.DeploymentExposeViaServiceOptions;
DeploymentExposeViaServiceOptions.builder()
// .name(java.lang.String)
// .ports(java.util.List<ServicePort>)
// .serviceType(ServiceType)
.build();
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto generated.
The name of the service to expose.
If you’d like to expose the deployment multiple times, you must explicitly set a name starting from the second expose call.
ports
Optional ¶
public java.util.List<ServicePort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.ServicePort
> - Default: extracted from the deployment.
The ports that the service should bind to.
serviceType
Optional ¶
public ServiceType getServiceType();
- Type:
org.cdk8s.plus29.ServiceType
- Default: ClusterIP.
The type of the exposed service.
DeploymentProps ¶
Properties for Deployment
.
Initializer ¶
import org.cdk8s.plus29.DeploymentProps;
DeploymentProps.builder()
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .minReady(Duration)
// .progressDeadline(Duration)
// .replicas(java.lang.Number)
// .strategy(DeploymentStrategy)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
public java.util.List<ContainerProps> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
public PodDnsProps getDns();
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
public java.util.List<ContainerProps> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
public java.lang.Boolean getIsolate();
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
public PodSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
public ApiObjectMetadata getPodMetadata();
The pod metadata of this workload.
select
Optional ¶
public java.lang.Boolean getSelect();
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
public java.lang.Boolean getSpread();
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
minReady
Optional ¶
public Duration getMinReady();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(0)
Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
Zero means the pod will be considered available as soon as it is ready.
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
progressDeadline
Optional ¶
public Duration getProgressDeadline();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(600)
The maximum duration for a deployment to make progress before it is considered to be failed.
The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status.
Note that progress will not be estimated during the time a deployment is paused.
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#progress-deadline-seconds
replicas
Optional ¶
public java.lang.Number getReplicas();
- Type:
java.lang.Number
- Default: 2
Number of desired pods.
strategy
Optional ¶
public DeploymentStrategy getStrategy();
- Type:
org.cdk8s.plus29.DeploymentStrategy
- Default: RollingUpdate with maxSurge and maxUnavailable set to 25%.
Specifies the strategy used to replace old Pods by new ones.
DeploymentStrategyRollingUpdateOptions ¶
Options for DeploymentStrategy.rollingUpdate
.
Initializer ¶
import org.cdk8s.plus29.DeploymentStrategyRollingUpdateOptions;
DeploymentStrategyRollingUpdateOptions.builder()
// .maxSurge(PercentOrAbsolute)
// .maxUnavailable(PercentOrAbsolute)
.build();
maxSurge
Optional ¶
public PercentOrAbsolute getMaxSurge();
- Type:
org.cdk8s.plus29.PercentOrAbsolute
- Default: ‘25%’
The maximum number of pods that can be scheduled above the desired number of pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up.
This can not be 0 if maxUnavailable
is 0.
Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.
maxUnavailable
Optional ¶
public PercentOrAbsolute getMaxUnavailable();
- Type:
org.cdk8s.plus29.PercentOrAbsolute
- Default: ‘25%’
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if maxSurge
is 0.
Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.
DnsOption ¶
Custom DNS option.
Initializer ¶
import org.cdk8s.plus29.DnsOption;
DnsOption.builder()
.name(java.lang.String)
// .value(java.lang.String)
.build();
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
Option name.
value
Optional ¶
public java.lang.String getValue();
- Type:
java.lang.String
- Default: No value.
Option value.
DockerConfigSecretProps ¶
Options for DockerConfigSecret
.
Initializer ¶
import org.cdk8s.plus29.DockerConfigSecretProps;
DockerConfigSecretProps.builder()
// .metadata(ApiObjectMetadata)
// .immutable(java.lang.Boolean)
.data(java.util.Map<java.lang.String, java.lang.Object>)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
immutable
Optional ¶
public java.lang.Boolean getImmutable();
- Type:
java.lang.Boolean
- Default: false
If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
If not set to true, the field can be modified at any time.
data
Required ¶
public java.util.Map<java.lang.String, java.lang.Object> getData();
- Type: java.util.Map
java.lang.Object>
JSON content to provide for the ~/.docker/config.json
file. This will be stringified and inserted as stringData.
https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file
EmptyDirVolumeOptions ¶
Options for volumes populated with an empty directory.
Initializer ¶
import org.cdk8s.plus29.EmptyDirVolumeOptions;
EmptyDirVolumeOptions.builder()
// .medium(EmptyDirMedium)
// .sizeLimit(Size)
.build();
medium
Optional ¶
public EmptyDirMedium getMedium();
- Type:
org.cdk8s.plus29.EmptyDirMedium
- Default: EmptyDirMedium.DEFAULT
By default, emptyDir volumes are stored on whatever medium is backing the node - that might be disk or SSD or network storage, depending on your environment.
However, you can set the emptyDir.medium field to
EmptyDirMedium.MEMORY
to tell Kubernetes to mount a tmpfs (RAM-backed
filesystem) for you instead. While tmpfs is very fast, be aware that unlike
disks, tmpfs is cleared on node reboot and any files you write will count
against your Container’s memory limit.
sizeLimit
Optional ¶
public Size getSizeLimit();
- Type:
org.cdk8s.Size
- Default: limit is undefined
Total amount of local storage required for this EmptyDir volume.
The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod.
EnvValueFromConfigMapOptions ¶
Options to specify an envionment variable value from a ConfigMap key.
Initializer ¶
import org.cdk8s.plus29.EnvValueFromConfigMapOptions;
EnvValueFromConfigMapOptions.builder()
// .optional(java.lang.Boolean)
.build();
optional
Optional ¶
public java.lang.Boolean getOptional();
- Type:
java.lang.Boolean
- Default: false
Specify whether the ConfigMap or its key must be defined.
EnvValueFromFieldRefOptions ¶
Options to specify an environment variable value from a field reference.
Initializer ¶
import org.cdk8s.plus29.EnvValueFromFieldRefOptions;
EnvValueFromFieldRefOptions.builder()
// .apiVersion(java.lang.String)
// .key(java.lang.String)
.build();
apiVersion
Optional ¶
public java.lang.String getApiVersion();
- Type:
java.lang.String
Version of the schema the FieldPath is written in terms of.
key
Optional ¶
public java.lang.String getKey();
- Type:
java.lang.String
The key to select the pod label or annotation.
EnvValueFromProcessOptions ¶
Options to specify an environment variable value from the process environment.
Initializer ¶
import org.cdk8s.plus29.EnvValueFromProcessOptions;
EnvValueFromProcessOptions.builder()
// .required(java.lang.Boolean)
.build();
required
Optional ¶
public java.lang.Boolean getRequired();
- Type:
java.lang.Boolean
- Default: false
Specify whether the key must exist in the environment.
If this is set to true, and the key does not exist, an error will thrown.
EnvValueFromResourceOptions ¶
Options to specify an environment variable value from a resource.
Initializer ¶
import org.cdk8s.plus29.EnvValueFromResourceOptions;
EnvValueFromResourceOptions.builder()
// .container(Container)
// .divisor(java.lang.String)
.build();
container
Optional ¶
public Container getContainer();
The container to select the value from.
divisor
Optional ¶
public java.lang.String getDivisor();
- Type:
java.lang.String
The output format of the exposed resource.
EnvValueFromSecretOptions ¶
Options to specify an environment variable value from a Secret.
Initializer ¶
import org.cdk8s.plus29.EnvValueFromSecretOptions;
EnvValueFromSecretOptions.builder()
// .optional(java.lang.Boolean)
.build();
optional
Optional ¶
public java.lang.Boolean getOptional();
- Type:
java.lang.Boolean
- Default: false
Specify whether the Secret or its key must be defined.
EphemeralStorageResources ¶
Emphemeral storage request and limit.
Initializer ¶
import org.cdk8s.plus29.EphemeralStorageResources;
EphemeralStorageResources.builder()
// .limit(Size)
// .request(Size)
.build();
limit
Optional ¶
public Size getLimit();
- Type:
org.cdk8s.Size
request
Optional ¶
public Size getRequest();
- Type:
org.cdk8s.Size
ExposeDeploymentViaIngressOptions ¶
Options for exposing a deployment via an ingress.
Initializer ¶
import org.cdk8s.plus29.ExposeDeploymentViaIngressOptions;
ExposeDeploymentViaIngressOptions.builder()
// .name(java.lang.String)
// .ports(java.util.List<ServicePort>)
// .serviceType(ServiceType)
// .ingress(Ingress)
// .pathType(HttpIngressPathType)
.build();
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto generated.
The name of the service to expose.
If you’d like to expose the deployment multiple times, you must explicitly set a name starting from the second expose call.
ports
Optional ¶
public java.util.List<ServicePort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.ServicePort
> - Default: extracted from the deployment.
The ports that the service should bind to.
serviceType
Optional ¶
public ServiceType getServiceType();
- Type:
org.cdk8s.plus29.ServiceType
- Default: ClusterIP.
The type of the exposed service.
ingress
Optional ¶
public Ingress getIngress();
- Type:
org.cdk8s.plus29.Ingress
- Default: An ingress will be automatically created.
The ingress to add rules to.
pathType
Optional ¶
public HttpIngressPathType getPathType();
- Type:
org.cdk8s.plus29.HttpIngressPathType
- Default: HttpIngressPathType.PREFIX
The type of the path.
ExposeServiceViaIngressOptions ¶
Options for exposing a service using an ingress.
Initializer ¶
import org.cdk8s.plus29.ExposeServiceViaIngressOptions;
ExposeServiceViaIngressOptions.builder()
// .ingress(Ingress)
// .pathType(HttpIngressPathType)
.build();
ingress
Optional ¶
public Ingress getIngress();
- Type:
org.cdk8s.plus29.Ingress
- Default: An ingress will be automatically created.
The ingress to add rules to.
pathType
Optional ¶
public HttpIngressPathType getPathType();
- Type:
org.cdk8s.plus29.HttpIngressPathType
- Default: HttpIngressPathType.PREFIX
The type of the path.
FromServiceAccountNameOptions ¶
Initializer ¶
import org.cdk8s.plus29.FromServiceAccountNameOptions;
FromServiceAccountNameOptions.builder()
// .namespaceName(java.lang.String)
.build();
namespaceName
Optional ¶
public java.lang.String getNamespaceName();
- Type:
java.lang.String
- Default: “default”
The name of the namespace the service account belongs to.
GCEPersistentDiskPersistentVolumeProps ¶
Properties for GCEPersistentDiskPersistentVolume
.
Initializer ¶
import org.cdk8s.plus29.GCEPersistentDiskPersistentVolumeProps;
GCEPersistentDiskPersistentVolumeProps.builder()
// .metadata(ApiObjectMetadata)
// .accessModes(java.util.List<PersistentVolumeAccessMode>)
// .claim(IPersistentVolumeClaim)
// .mountOptions(java.util.List<java.lang.String>)
// .reclaimPolicy(PersistentVolumeReclaimPolicy)
// .storage(Size)
// .storageClassName(java.lang.String)
// .volumeMode(PersistentVolumeMode)
.pdName(java.lang.String)
// .fsType(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
accessModes
Optional ¶
public java.util.List<PersistentVolumeAccessMode> getAccessModes();
- Type: java.util.List<
org.cdk8s.plus29.PersistentVolumeAccessMode
> - Default: No access modes.
Contains all ways the volume can be mounted.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
claim
Optional ¶
public IPersistentVolumeClaim getClaim();
- Type:
org.cdk8s.plus29.IPersistentVolumeClaim
- Default: Not bound to a specific claim.
Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
Expected to be non-nil when bound.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
mountOptions
Optional ¶
public java.util.List<java.lang.String> getMountOptions();
- Type: java.util.List<
java.lang.String
> - Default: No options.
A list of mount options, e.g. [“ro”, “soft”]. Not validated - mount will simply fail if one is invalid.
https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
reclaimPolicy
Optional ¶
public PersistentVolumeReclaimPolicy getReclaimPolicy();
- Type:
org.cdk8s.plus29.PersistentVolumeReclaimPolicy
- Default: PersistentVolumeReclaimPolicy.RETAIN
When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
The reclaim policy tells the cluster what to do with the volume after it has been released of its claim.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
storage
Optional ¶
public Size getStorage();
- Type:
org.cdk8s.Size
- Default: No specified.
What is the storage capacity of this volume.
https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
storageClassName
Optional ¶
public java.lang.String getStorageClassName();
- Type:
java.lang.String
- Default: Volume does not belong to any storage class.
Name of StorageClass to which this persistent volume belongs.
volumeMode
Optional ¶
public PersistentVolumeMode getVolumeMode();
- Type:
org.cdk8s.plus29.PersistentVolumeMode
- Default: VolumeMode.FILE_SYSTEM
Defines what type of volume is required by the claim.
pdName
Required ¶
public java.lang.String getPdName();
- Type:
java.lang.String
Unique name of the PD resource in GCE.
Used to identify the disk in GCE.
https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
GCEPersistentDiskVolumeOptions ¶
Options of Volume.fromGcePersistentDisk
.
Initializer ¶
import org.cdk8s.plus29.GCEPersistentDiskVolumeOptions;
GCEPersistentDiskVolumeOptions.builder()
// .fsType(java.lang.String)
// .name(java.lang.String)
// .partition(java.lang.Number)
// .readOnly(java.lang.Boolean)
.build();
fsType
Optional ¶
public java.lang.String getFsType();
- Type:
java.lang.String
- Default: ‘ext4’
Filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
name
Optional ¶
public java.lang.String getName();
- Type:
java.lang.String
- Default: auto-generated
The volume name.
partition
Optional ¶
public java.lang.Number getPartition();
- Type:
java.lang.Number
- Default: No partition.
The partition in the volume that you want to mount.
If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”.
https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
HandlerFromHttpGetOptions ¶
Options for Handler.fromHttpGet
.
Initializer ¶
import org.cdk8s.plus29.HandlerFromHttpGetOptions;
HandlerFromHttpGetOptions.builder()
// .port(java.lang.Number)
.build();
port
Optional ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
- Default: defaults to
container.port
.
The TCP port to use when sending the GET request.
HandlerFromTcpSocketOptions ¶
Options for Handler.fromTcpSocket
.
Initializer ¶
import org.cdk8s.plus29.HandlerFromTcpSocketOptions;
HandlerFromTcpSocketOptions.builder()
// .host(java.lang.String)
// .port(java.lang.Number)
.build();
host
Optional ¶
public java.lang.String getHost();
- Type:
java.lang.String
- Default: defaults to the pod IP
The host name to connect to on the container.
port
Optional ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
- Default: defaults to
container.port
.
The TCP port to connect to on the container.
HorizontalPodAutoscalerProps ¶
Properties for HorizontalPodAutoscaler.
Initializer ¶
import org.cdk8s.plus29.HorizontalPodAutoscalerProps;
HorizontalPodAutoscalerProps.builder()
// .metadata(ApiObjectMetadata)
.maxReplicas(java.lang.Number)
.target(IScalable)
// .metrics(java.util.List<Metric>)
// .minReplicas(java.lang.Number)
// .scaleDown(ScalingRules)
// .scaleUp(ScalingRules)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
maxReplicas
Required ¶
public java.lang.Number getMaxReplicas();
- Type:
java.lang.Number
The maximum number of replicas that can be scaled up to.
target
Required ¶
public IScalable getTarget();
The workload to scale up or down.
Scalable workload types:
- Deployment
- StatefulSet
metrics
Optional ¶
public java.util.List<Metric> getMetrics();
- Type: java.util.List<
org.cdk8s.plus29.Metric
> - Default: If metrics are not provided, then the target resource constraints (e.g. cpu limit) will be used as scaling metrics.
The metric conditions that trigger a scale up or scale down.
minReplicas
Optional ¶
public java.lang.Number getMinReplicas();
- Type:
java.lang.Number
- Default: 1
The minimum number of replicas that can be scaled down to.
Can be set to 0 if the alpha feature gate HPAScaleToZero
is enabled and
at least one Object or External metric is configured.
scaleDown
Optional ¶
public ScalingRules getScaleDown();
- Type:
org.cdk8s.plus29.ScalingRules
- Default: Scale down to minReplica count with a 5 minute stabilization window.
The scaling behavior when scaling down.
scaleUp
Optional ¶
public ScalingRules getScaleUp();
- Type:
org.cdk8s.plus29.ScalingRules
- Default: Is the higher of:
- Increase no more than 4 pods per 60 seconds
- Double the number of pods per 60 seconds
The scaling behavior when scaling up.
HostAlias ¶
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s /etc/hosts file.
Initializer ¶
import org.cdk8s.plus29.HostAlias;
HostAlias.builder()
.hostnames(java.util.List<java.lang.String>)
.ip(java.lang.String)
.build();
hostnames
Required ¶
public java.util.List<java.lang.String> getHostnames();
- Type: java.util.List<
java.lang.String
>
Hostnames for the chosen IP address.
ip
Required ¶
public java.lang.String getIp();
- Type:
java.lang.String
IP address of the host file entry.
HostPathVolumeOptions ¶
Options for a HostPathVolume-based volume.
Initializer ¶
import org.cdk8s.plus29.HostPathVolumeOptions;
HostPathVolumeOptions.builder()
.path(java.lang.String)
// .type(HostPathVolumeType)
.build();
path
Required ¶
public java.lang.String getPath();
- Type:
java.lang.String
The path of the directory on the host.
type
Optional ¶
public HostPathVolumeType getType();
- Type:
org.cdk8s.plus29.HostPathVolumeType
- Default: HostPathVolumeType.DEFAULT
The expected type of the path found on the host.
HttpGetProbeOptions ¶
Options for Probe.fromHttpGet()
.
Initializer ¶
import org.cdk8s.plus29.HttpGetProbeOptions;
HttpGetProbeOptions.builder()
// .failureThreshold(java.lang.Number)
// .initialDelaySeconds(Duration)
// .periodSeconds(Duration)
// .successThreshold(java.lang.Number)
// .timeoutSeconds(Duration)
// .host(java.lang.String)
// .port(java.lang.Number)
// .scheme(ConnectionScheme)
.build();
failureThreshold
Optional ¶
public java.lang.Number getFailureThreshold();
- Type:
java.lang.Number
- Default: 3
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
initialDelaySeconds
Optional ¶
public Duration getInitialDelaySeconds();
- Type:
org.cdk8s.Duration
- Default: immediate
Number of seconds after the container has started before liveness probes are initiated.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
periodSeconds
Optional ¶
public Duration getPeriodSeconds();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(10) Minimum value is 1.
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
successThreshold
Optional ¶
public java.lang.Number getSuccessThreshold();
- Type:
java.lang.Number
- Default: 1 Must be 1 for liveness and startup. Minimum value is 1.
Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.
Must be 1 for liveness and startup. Minimum value is 1.
timeoutSeconds
Optional ¶
public Duration getTimeoutSeconds();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(1)
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
host
Optional ¶
public java.lang.String getHost();
- Type:
java.lang.String
- Default: defaults to the pod IP
The host name to connect to on the container.
port
Optional ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
- Default: defaults to
container.port
.
The TCP port to use when sending the GET request.
scheme
Optional ¶
public ConnectionScheme getScheme();
- Type:
org.cdk8s.plus29.ConnectionScheme
- Default: ConnectionScheme.HTTP
Scheme to use for connecting to the host (HTTP or HTTPS).
IngressProps ¶
Properties for Ingress
.
Initializer ¶
import org.cdk8s.plus29.IngressProps;
IngressProps.builder()
// .metadata(ApiObjectMetadata)
// .className(java.lang.String)
// .defaultBackend(IngressBackend)
// .rules(java.util.List<IngressRule>)
// .tls(java.util.List<IngressTls>)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
className
Optional ¶
public java.lang.String getClassName();
- Type:
java.lang.String
Class Name for this ingress.
This field is a reference to an IngressClass resource that contains additional Ingress configuration, including the name of the Ingress controller.
defaultBackend
Optional ¶
public IngressBackend getDefaultBackend();
The default backend services requests that do not match any rule.
Using this option or the addDefaultBackend()
method is equivalent to
adding a rule with both path
and host
undefined.
rules
Optional ¶
public java.util.List<IngressRule> getRules();
- Type: java.util.List<
org.cdk8s.plus29.IngressRule
>
Routing rules for this ingress.
Each rule must define an IngressBackend
that will receive the requests
that match this rule. If both host
and path
are not specifiec, this
backend will be used as the default backend of the ingress.
You can also add rules later using addRule()
, addHostRule()
,
addDefaultBackend()
and addHostDefaultBackend()
.
tls
Optional ¶
public java.util.List<IngressTls> getTls();
- Type: java.util.List<
org.cdk8s.plus29.IngressTls
>
TLS settings for this ingress.
Using this option tells the ingress controller to expose a TLS endpoint. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
IngressRule ¶
Represents the rules mapping the paths under a specified host to the related backend services.
Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching path.
Initializer ¶
import org.cdk8s.plus29.IngressRule;
IngressRule.builder()
.backend(IngressBackend)
// .host(java.lang.String)
// .path(java.lang.String)
// .pathType(HttpIngressPathType)
.build();
backend
Required ¶
public IngressBackend getBackend();
Backend defines the referenced service endpoint to which the traffic will be forwarded to.
host
Optional ¶
public java.lang.String getHost();
- Type:
java.lang.String
- Default: If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.
Host is the fully qualified domain name of a network host, as defined by RFC 3986.
Note the following deviations from the “host” part of the URI as
defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue
can only apply to the IP in the Spec of the parent Ingress. 2. The :
delimiter is not respected because ports are not allowed. Currently the
port of an Ingress is implicitly :80 for http and :443 for https. Both
these may change in the future. Incoming requests are matched against the
host before the IngressRuleValue.
path
Optional ¶
public java.lang.String getPath();
- Type:
java.lang.String
- Default: If unspecified, the path defaults to a catch all sending traffic to the backend.
Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional “path” part of a URL as defined by RFC 3986. Paths must begin with a ‘/’.
pathType
Optional ¶
public HttpIngressPathType getPathType();
Specify how the path is matched against request paths.
By default, path types will be matched by prefix.
https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types
IngressTls ¶
Represents the TLS configuration mapping that is passed to the ingress controller for SSL termination.
Initializer ¶
import org.cdk8s.plus29.IngressTls;
IngressTls.builder()
// .hosts(java.util.List<java.lang.String>)
// .secret(ISecret)
.build();
hosts
Optional ¶
public java.util.List<java.lang.String> getHosts();
- Type: java.util.List<
java.lang.String
> - Default: If unspecified, it defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress.
Hosts are a list of hosts included in the TLS certificate.
The values in this list must match the name/s used in the TLS Secret.
secret
Optional ¶
public ISecret getSecret();
- Type:
org.cdk8s.plus29.ISecret
- Default: If unspecified, it allows SSL routing based on SNI hostname.
Secret is the secret that contains the certificate and key used to terminate SSL traffic on 443.
If the SNI host in a listener conflicts with the “Host” header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.
JobProps ¶
Properties for Job
.
Initializer ¶
import org.cdk8s.plus29.JobProps;
JobProps.builder()
// .metadata(ApiObjectMetadata)
// .automountServiceAccountToken(java.lang.Boolean)
// .containers(java.util.List<ContainerProps>)
// .dns(PodDnsProps)
// .dockerRegistryAuth(ISecret)
// .hostAliases(java.util.List<HostAlias>)
// .hostNetwork(java.lang.Boolean)
// .initContainers(java.util.List<ContainerProps>)
// .isolate(java.lang.Boolean)
// .restartPolicy(RestartPolicy)
// .securityContext(PodSecurityContextProps)
// .serviceAccount(IServiceAccount)
// .terminationGracePeriod(Duration)
// .volumes(java.util.List<Volume>)
// .podMetadata(ApiObjectMetadata)
// .select(java.lang.Boolean)
// .spread(java.lang.Boolean)
// .activeDeadline(Duration)
// .backoffLimit(java.lang.Number)
// .ttlAfterFinished(Duration)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
automountServiceAccountToken
Optional ¶
public java.lang.Boolean getAutomountServiceAccountToken();
- Type:
java.lang.Boolean
- Default: false
Indicates whether a service account token should be automatically mounted.
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
containers
Optional ¶
public java.util.List<ContainerProps> getContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No containers. Note that a pod spec must include at least one container.
List of containers belonging to the pod.
Containers cannot currently be added or removed. There must be at least one container in a Pod.
You can add additionnal containers using podSpec.addContainer()
dns
Optional ¶
public PodDnsProps getDns();
- Type:
org.cdk8s.plus29.PodDnsProps
- Default: policy: DnsPolicy.CLUSTER_FIRST hostnameAsFQDN: false
DNS settings for the pod.
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
dockerRegistryAuth
Optional ¶
public ISecret getDockerRegistryAuth();
- Type:
org.cdk8s.plus29.ISecret
- Default: No auth. Images are assumed to be publicly available.
A secret containing docker credentials for authenticating to a registry.
hostAliases
Optional ¶
public java.util.List<HostAlias> getHostAliases();
- Type: java.util.List<
org.cdk8s.plus29.HostAlias
>
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
hostNetwork
Optional ¶
public java.lang.Boolean getHostNetwork();
- Type:
java.lang.Boolean
- Default: false
Host network for the pod.
initContainers
Optional ¶
public java.util.List<ContainerProps> getInitContainers();
- Type: java.util.List<
org.cdk8s.plus29.ContainerProps
> - Default: No init containers.
List of initialization containers belonging to the pod.
Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion.
Init containers cannot currently be added ,removed or updated.
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
isolate
Optional ¶
public java.lang.Boolean getIsolate();
- Type:
java.lang.Boolean
- Default: false
Isolates the pod.
This will prevent any ingress or egress connections to / from this pod.
You can however allow explicit connections post instantiation by using the .connections
property.
restartPolicy
Optional ¶
public RestartPolicy getRestartPolicy();
- Type:
org.cdk8s.plus29.RestartPolicy
- Default: RestartPolicy.ALWAYS
Restart policy for all containers within the pod.
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
securityContext
Optional ¶
public PodSecurityContextProps getSecurityContext();
- Type:
org.cdk8s.plus29.PodSecurityContextProps
- Default: fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS ensureNonRoot: true
SecurityContext holds pod-level security attributes and common container settings.
serviceAccount
Optional ¶
public IServiceAccount getServiceAccount();
- Type:
org.cdk8s.plus29.IServiceAccount
- Default: No service account.
A service account provides an identity for processes that run in a Pod.
When you (a human) access the cluster (for example, using kubectl), you are authenticated by the apiserver as a particular User Account (currently this is usually admin, unless your cluster administrator has customized your cluster). Processes in containers inside pods can also contact the apiserver. When they do, they are authenticated as a particular Service Account (for example, default).
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
terminationGracePeriod
Optional ¶
public Duration getTerminationGracePeriod();
- Type:
org.cdk8s.Duration
- Default: Duration.seconds(30)
Grace period until the pod is terminated.
volumes
Optional ¶
public java.util.List<Volume> getVolumes();
- Type: java.util.List<
org.cdk8s.plus29.Volume
> - Default: No volumes.
List of volumes that can be mounted by containers belonging to the pod.
You can also add volumes later using podSpec.addVolume()
https://kubernetes.io/docs/concepts/storage/volumes
podMetadata
Optional ¶
public ApiObjectMetadata getPodMetadata();
The pod metadata of this workload.
select
Optional ¶
public java.lang.Boolean getSelect();
- Type:
java.lang.Boolean
- Default: true
Automatically allocates a pod label selector for this workload and add it to the pod metadata.
This ensures this workload manages pods created by its pod template.
spread
Optional ¶
public java.lang.Boolean getSpread();
- Type:
java.lang.Boolean
- Default: false
Automatically spread pods across hostname and zones.
https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
activeDeadline
Optional ¶
public Duration getActiveDeadline();
- Type:
org.cdk8s.Duration
- Default: If unset, then there is no deadline.
Specifies the duration the job may be active before the system tries to terminate it.
backoffLimit
Optional ¶
public java.lang.Number getBackoffLimit();
- Type:
java.lang.Number
- Default: If not set, system defaults to 6.
Specifies the number of retries before marking this job failed.
ttlAfterFinished
Optional ¶
public Duration getTtlAfterFinished();
- Type:
org.cdk8s.Duration
- Default: If this field is unset, the Job won’t be automatically deleted.
Limits the lifetime of a Job that has finished execution (either Complete or Failed).
If this field is set, after the Job finishes, it is eligible to
be automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes. This
field is alpha-level and is only honored by servers that enable the
TTLAfterFinished
feature.
LabelSelectorOptions ¶
Options for LabelSelector.of
.
Initializer ¶
import org.cdk8s.plus29.LabelSelectorOptions;
LabelSelectorOptions.builder()
// .expressions(java.util.List<LabelExpression>)
// .labels(java.util.Map<java.lang.String, java.lang.String>)
.build();
expressions
Optional ¶
public java.util.List<LabelExpression> getExpressions();
- Type: java.util.List<
org.cdk8s.plus29.LabelExpression
>
Expression based label matchers.
labels
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getLabels();
- Type: java.util.Map
java.lang.String>
Strict label matchers.
LabelSelectorRequirement ¶
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
Initializer ¶
import org.cdk8s.plus29.LabelSelectorRequirement;
LabelSelectorRequirement.builder()
.key(java.lang.String)
.operator(java.lang.String)
// .values(java.util.List<java.lang.String>)
.build();
key
Required ¶
public java.lang.String getKey();
- Type:
java.lang.String
The label key that the selector applies to.
operator
Required ¶
public java.lang.String getOperator();
- Type:
java.lang.String
Represents a key’s relationship to a set of values.
values
Optional ¶
public java.util.List<java.lang.String> getValues();
- Type: java.util.List<
java.lang.String
>
An array of string values.
If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
MemoryResources ¶
Memory request and limit.
Initializer ¶
import org.cdk8s.plus29.MemoryResources;
MemoryResources.builder()
// .limit(Size)
// .request(Size)
.build();
limit
Optional ¶
public Size getLimit();
- Type:
org.cdk8s.Size
request
Optional ¶
public Size getRequest();
- Type:
org.cdk8s.Size
MetricContainerResourceOptions ¶
Options for Metric.containerResource()
.
Initializer ¶
import org.cdk8s.plus29.MetricContainerResourceOptions;
MetricContainerResourceOptions.builder()
.container(Container)
.target(MetricTarget)
.build();
container
Required ¶
public Container getContainer();
Container where the metric can be found.
target
Required ¶
public MetricTarget getTarget();
Target metric value that will trigger scaling.
MetricObjectOptions ¶
Options for Metric.object()
.
Initializer ¶
import org.cdk8s.plus29.MetricObjectOptions;
MetricObjectOptions.builder()
.name(java.lang.String)
.target(MetricTarget)
// .labelSelector(LabelSelector)
.object(IResource)
.build();
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
The name of the metric to scale on.
target
Required ¶
public MetricTarget getTarget();
The target metric value that will trigger scaling.
labelSelector
Optional ¶
public LabelSelector getLabelSelector();
- Type:
org.cdk8s.plus29.LabelSelector
- Default: Just the metric ‘name’ will be used to gather metrics.
A selector to find a metric by label.
When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
object
Required ¶
public IResource getObject();
Resource where the metric can be found.
MetricOptions ¶
Base options for a Metric.
Initializer ¶
import org.cdk8s.plus29.MetricOptions;
MetricOptions.builder()
.name(java.lang.String)
.target(MetricTarget)
// .labelSelector(LabelSelector)
.build();
name
Required ¶
public java.lang.String getName();
- Type:
java.lang.String
The name of the metric to scale on.
target
Required ¶
public MetricTarget getTarget();
The target metric value that will trigger scaling.
labelSelector
Optional ¶
public LabelSelector getLabelSelector();
- Type:
org.cdk8s.plus29.LabelSelector
- Default: Just the metric ‘name’ will be used to gather metrics.
A selector to find a metric by label.
When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
MountOptions ¶
Options for mounts.
Initializer ¶
import org.cdk8s.plus29.MountOptions;
MountOptions.builder()
// .propagation(MountPropagation)
// .readOnly(java.lang.Boolean)
// .subPath(java.lang.String)
// .subPathExpr(java.lang.String)
.build();
propagation
Optional ¶
public MountPropagation getPropagation();
- Type:
org.cdk8s.plus29.MountPropagation
- Default: MountPropagation.NONE
Determines how mounts are propagated from the host to container and the other way around.
When not set, MountPropagationNone is used.
Mount propagation allows for sharing volumes mounted by a Container to other Containers in the same Pod, or even to other Pods on the same node.
readOnly
Optional ¶
public java.lang.Boolean getReadOnly();
- Type:
java.lang.Boolean
- Default: false
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
subPath
Optional ¶
public java.lang.String getSubPath();
- Type:
java.lang.String
- Default: “” the volume’s root
Path within the volume from which the container’s volume should be mounted.).
subPathExpr
Optional ¶
public java.lang.String getSubPathExpr();
- Type:
java.lang.String
- Default: “” volume’s root.
Expanded path within the volume from which the container’s volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to “” (volume’s root).
subPathExpr
and subPath
are mutually exclusive.
NamespaceProps ¶
Properties for Namespace
.
Initializer ¶
import org.cdk8s.plus29.NamespaceProps;
NamespaceProps.builder()
// .metadata(ApiObjectMetadata)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
NamespaceSelectorConfig ¶
Configuration for selecting namespaces.
Initializer ¶
import org.cdk8s.plus29.NamespaceSelectorConfig;
NamespaceSelectorConfig.builder()
// .labelSelector(LabelSelector)
// .names(java.util.List<java.lang.String>)
.build();
labelSelector
Optional ¶
public LabelSelector getLabelSelector();
A selector to select namespaces by labels.
names
Optional ¶
public java.util.List<java.lang.String> getNames();
- Type: java.util.List<
java.lang.String
>
A list of names to select namespaces by names.
NamespacesSelectOptions ¶
Options for Namespaces.select
.
Initializer ¶
import org.cdk8s.plus29.NamespacesSelectOptions;
NamespacesSelectOptions.builder()
// .expressions(java.util.List<LabelExpression>)
// .labels(java.util.Map<java.lang.String, java.lang.String>)
// .names(java.util.List<java.lang.String>)
.build();
expressions
Optional ¶
public java.util.List<LabelExpression> getExpressions();
- Type: java.util.List<
org.cdk8s.plus29.LabelExpression
> - Default: no selector requirements.
Namespaces must satisfy these selectors.
The selectors query labels, just like the labels
property, but they
provide a more advanced matching mechanism.
labels
Optional ¶
public java.util.Map<java.lang.String, java.lang.String> getLabels();
- Type: java.util.Map
java.lang.String> - Default: no strict labels requirements.
Labels the namespaces must have.
This is equivalent to using an ‘Is’ selector.
names
Optional ¶
public java.util.List<java.lang.String> getNames();
- Type: java.util.List<
java.lang.String
> - Default: no name requirements.
Namespaces names must be one of these.
NetworkPolicyAddEgressRuleOptions ¶
Options for NetworkPolicy.addEgressRule
.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyAddEgressRuleOptions;
NetworkPolicyAddEgressRuleOptions.builder()
// .ports(java.util.List<NetworkPolicyPort>)
.build();
ports
Optional ¶
public java.util.List<NetworkPolicyPort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.NetworkPolicyPort
> - Default: If the peer is a managed pod, take its ports. Otherwise, all ports are allowed.
Ports the rule should allow outgoing traffic to.
NetworkPolicyPeerConfig ¶
Configuration for network peers.
A peer can either by an ip block, or a selection of pods, not both.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyPeerConfig;
NetworkPolicyPeerConfig.builder()
// .ipBlock(NetworkPolicyIpBlock)
// .podSelector(PodSelectorConfig)
.build();
ipBlock
Optional ¶
public NetworkPolicyIpBlock getIpBlock();
The ip block this peer represents.
podSelector
Optional ¶
public PodSelectorConfig getPodSelector();
The pod selector this peer represents.
NetworkPolicyPortProps ¶
Properties for NetworkPolicyPort
.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyPortProps;
NetworkPolicyPortProps.builder()
// .endPort(java.lang.Number)
// .port(java.lang.Number)
// .protocol(NetworkProtocol)
.build();
endPort
Optional ¶
public java.lang.Number getEndPort();
- Type:
java.lang.Number
- Default: not a port range.
End port (relative to port
).
Only applies if port
is defined.
Use this to specify a port range, rather that a specific one.
port
Optional ¶
public java.lang.Number getPort();
- Type:
java.lang.Number
- Default: all ports are allowed.
Specific port number.
protocol
Optional ¶
public NetworkProtocol getProtocol();
- Type:
org.cdk8s.plus29.NetworkProtocol
- Default: NetworkProtocol.TCP
Protocol.
NetworkPolicyProps ¶
Properties for NetworkPolicy
.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyProps;
NetworkPolicyProps.builder()
// .metadata(ApiObjectMetadata)
// .egress(NetworkPolicyTraffic)
// .ingress(NetworkPolicyTraffic)
// .selector(IPodSelector)
.build();
metadata
Optional ¶
public ApiObjectMetadata getMetadata();
Metadata that all persisted resources must have, which includes all objects users must create.
egress
Optional ¶
public NetworkPolicyTraffic getEgress();
- Type:
org.cdk8s.plus29.NetworkPolicyTraffic
- Default: the policy doesn’t change egress behavior of the pods it selects.
Egress traffic configuration.
ingress
Optional ¶
public NetworkPolicyTraffic getIngress();
- Type:
org.cdk8s.plus29.NetworkPolicyTraffic
- Default: the policy doesn’t change ingress behavior of the pods it selects.
Ingress traffic configuration.
selector
Optional ¶
public IPodSelector getSelector();
- Type:
org.cdk8s.plus29.IPodSelector
- Default: will select all pods in the namespace of the policy.
Which pods does this policy object applies to.
This can either be a single pod / workload, or a grouping of pods selected
via the Pods.select
function. Rules is applied to any pods selected by this property.
Multiple network policies can select the same set of pods.
In this case, the rules for each are combined additively.
Note that
NetworkPolicyRule ¶
Describes a rule allowing traffic from / to pods matched by a network policy selector.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyRule;
NetworkPolicyRule.builder()
.peer(INetworkPolicyPeer)
// .ports(java.util.List<NetworkPolicyPort>)
.build();
peer
Required ¶
public INetworkPolicyPeer getPeer();
Peer this rule interacts with.
ports
Optional ¶
public java.util.List<NetworkPolicyPort> getPorts();
- Type: java.util.List<
org.cdk8s.plus29.NetworkPolicyPort
> - Default: traffic is allowed on all ports.
The ports of the rule.
NetworkPolicyTraffic ¶
Describes how the network policy should configure egress / ingress traffic.
Initializer ¶
import org.cdk8s.plus29.NetworkPolicyTraffic;
NetworkPolicyTraffic.builder()
// .default(NetworkPolicyTrafficDefault)
// .rules(java.util.List<NetworkPolicyRule>)
.build();
default
Optional ¶
public NetworkPolicyTrafficDefault getDefault();
- Type:
org.cdk8s.plus29.NetworkPolicyTrafficDefault
- Default: unset, the policy does not change the behavior.
Specifies the default behavior of the policy when no rules are defined.
rules
Optional ¶
public java.util.List<NetworkPolicyRule> getRules();
- Type: java.util.List<
org.cdk8s.plus29.NetworkPolicyRule
> - Default: no rules
List of rules to be applied to the selected pods.
I