云原生|kubernetes|kubernetes资源备份和集群迁移神器velero的部署和使用
前言:
kubernetes集群需要灾备吗?kubernetes需要迁移吗? 答案肯定是需要的
那么,如何做kubernetes灾备和迁移呢?当然了,有很多的方法,例如,自己编写shell脚本,或者使用专业的灾备工具,但shell编写复杂,也可能会有所遗漏,对比其它的kubernetes专业备份软件,很多备份条件苛刻,安装部署困难,或者恢复只能一把梭,也就是备份和恢复不太灵活的那种样子,比如,Kasten K10 就部署比较麻烦(过于重),备份也不太灵光的样子。
velero 这个备份工具比较好,优点有 部署简单,快速,备份范围可定制,例如只备份deployment这样的资源,只备份某个namespace等等,也就是备份范围灵活,可控,恢复速度也是很快的,在kubernetes集群迁移方面也是基本没有缺点,只是在安全性方面可能不是特别的确定,因为velero主要是基于对象存储插件来备份的,一般是obs,oss或者minio,而这些面向对象存储的安全性无法确定的保障,关键的是该软件是go语言编写的,天生和kubernetes这样的云原生对味。
下面本文将就velero的部署和基本使用做一个介绍。
一,
示例环境介绍
VMware虚拟机,四台服务器,IP地址分别是192.168.123.11,192.168.123.12,192.168.123.13,192.168.123.14 操作系统是centos-7.5 ,内核版本是3.10, kubernetes集群是通过kubekey部署的,版本是1.23.16, 三个master节点,一个工作节点:
下面是环境详情:
[root@node4 nginx-app]# k get no
NAME STATUS ROLES AGE VERSION
node1 Ready control-plane,master 160d v1.23.16
node2 Ready control-plane,master 160d v1.23.16
node3 Ready control-plane,master 160d v1.23.16
node4 Ready worker 160d v1.23.16
[root@node4 nginx-app]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)[root@node4 nginx-app]# uname -a
Linux node4 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux[root@node4 nginx-app]# k top no
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
node1 162m 4% 3131Mi 96%
node2 136m 3% 2958Mi 90%
node3 132m 3% 3047Mi 93%
node4 104m 2% 1609Mi 49%
[root@node4 nginx-app]# k get po -A -owide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system calico-kube-controllers-84897d7cdf-crnmk 1/1 Running 1 (15h ago) 18h 10.244.32.17 node2 <none> <none>
kube-system calico-node-2m7hp 1/1 Running 15 (13d ago) 160d 192.168.123.11 node1 <none> <none>
kube-system calico-node-5ztjk 1/1 Running 8 (18h ago) 160d 192.168.123.14 node4 <none> <none>
kube-system calico-node-96dmb 1/1 Running 9 (39d ago) 160d 192.168.123.13 node3 <none> <none>
kube-system calico-node-rqp2p 1/1 Running 213 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system coredns-b7c47bcdc-6vdk2 1/1 Running 0 39d 10.244.26.10 node1 <none> <none>
kube-system coredns-b7c47bcdc-db9cp 1/1 Running 1 (15h ago) 18h 10.244.32.18 node2 <none> <none>
kube-system haproxy-node4 1/1 Running 5 (18h ago) 160d 192.168.123.14 node4 <none> <none>
kube-system kube-apiserver-node1 1/1 Running 161 (104d ago) 160d 192.168.123.11 node1 <none> <none>
kube-system kube-apiserver-node2 1/1 Running 8 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system kube-apiserver-node3 1/1 Running 7 (42h ago) 160d 192.168.123.13 node3 <none> <none>
kube-system kube-controller-manager-node1 1/1 Running 12 (43h ago) 160d 192.168.123.11 node1 <none> <none>
kube-system kube-controller-manager-node2 1/1 Running 11 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system kube-controller-manager-node3 1/1 Running 14 (9h ago) 160d 192.168.123.13 node3 <none> <none>
kube-system kube-proxy-649mn 1/1 Running 5 (18h ago) 160d 192.168.123.14 node4 <none> <none>
kube-system kube-proxy-7q7ts 1/1 Running 6 (39d ago) 160d 192.168.123.13 node3 <none> <none>
kube-system kube-proxy-dmd7v 1/1 Running 8 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system kube-proxy-fpb6z 1/1 Running 5 (104d ago) 160d 192.168.123.11 node1 <none> <none>
kube-system kube-scheduler-node1 1/1 Running 15 (2d20h ago) 160d 192.168.123.11 node1 <none> <none>
kube-system kube-scheduler-node2 1/1 Running 12 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system kube-scheduler-node3 1/1 Running 12 (42h ago) 160d 192.168.123.13 node3 <none> <none>
kube-system kube-state-metrics-57794dcf65-rl967 1/1 Running 0 4h38m 10.244.41.62 node4 <none> <none>
kube-system metrics-server-5fcc7b68b7-wsrk7 1/1 Running 2 (4h38m ago) 4h38m 10.244.41.63 node4 <none> <none>
kube-system nodelocaldns-565pz 1/1 Running 8 (15h ago) 160d 192.168.123.12 node2 <none> <none>
kube-system nodelocaldns-dpwlx 1/1 Running 6 (39d ago) 160d 192.168.123.13 node3 <none> <none>
kube-system nodelocaldns-ndlbw 1/1 Running 5 (18h ago) 160d 192.168.123.14 node4 <none> <none>
kube-system nodelocaldns-r8gjl 1/1 Running 5 (104d ago) 160d 192.168.123.11 node1 <none> <none>
velero nginx-6888c79454-rhgdw 1/1 Running 0 4h8m 10.244.41.67 node4 <none> <none>
velero restic-2wkqs 1/1 Running 0 4h8m 10.244.32.21 node2 <none> <none>
velero restic-kw2wl 1/1 Running 0 4h8m 10.244.26.13 node1 <none> <none>
velero restic-qv6rn 1/1 Running 0 4h8m 10.244.28.10 node3 <none> <none>
velero restic-ssfrg 1/1 Running 0 4h8m 10.244.41.65 node4 <none> <none>
velero velero-fbb9469f6-vf4z5 1/1 Running 0 4h8m 10.244.41.64 node4 <none> <none>
二,
velero的强依赖
前面也说了velero需要对象存储插件或者服务,这里可以是oss,obs,minio这样的常用的对象存储,本例既然是做实验,当然不会搞一个云厂商主流的oos,显然部署oos是不现实的嘛,那么,minio还是可以搞一搞的,前两天已经把部署minio分布式集群写过了,在这里就不重复了,见我的博客:
云原生|对象存储|minio分布式集群的搭建和初步使用(可用于生产)-CSDN博客
三,
velero的下载和部署
下载地址:https://github.com/vmware-tanzu/velero/releases?page=4
本例使用的版本是velero-v1.9.4-linux-amd64.tar.gz
部署:
解压文件后,扔到/usr/bin/目录下即可,确认版本,最好是放置在kubernetes集群的管理节点,因为velero需要使用KUBECONFIG来获取备份所需的信息:
[root@node4 nginx-app]# velero version
Client:Version: v1.9.4Git commit: ddfc962282783cf2f0bf364c9d721f88fa4cc058
Server:Version: v1.9.4
该命令可以像kubelet一样设置自动补全,Linux下的自动补全非常简单,前提是安装bash_complete:
velero completion bash >/etc/bash_completion.d/veleroIf you have an alias for velero, you can extend shell completion to work with that alias(如果需要简化命令和自动补全,执行下面的命令即可):
echo 'alias v=velero' >>~/.bashrc
echo 'complete -F __start_velero v' >>~/.bashrc下面是通过命令生成部署清单文件,一般不建议直接安装,毕竟留一个安装文件也好及时调整修改嘛(--dry-run 然后输出为yaml):
minio的console用户和密码
[root@node4 ~]# cat credentials-velero
[default]
aws_access_key_id=minioadmin
aws_secret_access_key=minioadmin
需要注意,kubernetes集群的版本必须是1.16及以上,如果是使用minio,下面的命令不需要更改,s3url根据实际情况填写,minio登录web管理界面,创建一个桶,桶名称为velero 就可以了
velero install --use-restic --provider aws --plugins velero/velero-plugin-for-aws:v1.5.0 --bucket velero --secret-file /root/credentials-velero --use-volume-snapshots=false --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://192.168.123.11:39111 --dry-run -o yaml > velero.yaml
部署清单文件的内容(内容非常长):
apiVersion: v1
items:
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: backups.velero.iospec:group: velero.ionames:kind: BackuplistKind: BackupListplural: backupssingular: backupscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: Backup is a Velero resource that represents the capture ofKubernetes cluster state at a point in time (API objects and associatedvolume state).properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: BackupSpec defines the specification for a Velero backup.properties:csiSnapshotTimeout:description: CSISnapshotTimeout specifies the time used to waitfor CSI VolumeSnapshot status turns to ReadyToUse during creation,before returning error as timeout. The default value is 10 minute.type: stringdefaultVolumesToRestic:description: DefaultVolumesToRestic specifies whether restic shouldbe used to take a backup of all pod volumes by default.type: booleanexcludedNamespaces:description: ExcludedNamespaces contains a list of namespaces thatare not included in the backup.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource names thatare not included in the backup.items:type: stringnullable: truetype: arrayhooks:description: Hooks represent custom behaviors that should be executedat different phases of the backup.properties:resources:description: Resources are hooks that should be executed whenbacking up individual instances of a resource.items:description: BackupResourceHookSpec defines one or more BackupResourceHooksthat should be executed based on the rules defined for namespaces,resources, and label selector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filters theresources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In,NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the valuesarray must be non-empty. If the operator isExists or DoesNotExist, the values array mustbe empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key fieldis "key", the operator is "In", and the values arraycontains only "value". The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpost:description: PostHooks is a list of BackupResourceHooksto execute after storing the item in the backup. Theseare executed after all "additional items" from itemactions are processed.items:description: BackupResourceHook defines a hook for aresource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command and argumentsto execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximum amountof time Velero should wait for the hook tocomplete before considering the executiona failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arraypre:description: PreHooks is a list of BackupResourceHooksto execute prior to storing the item in the backup.These are executed before any "additional items" fromitem actions are processed.items:description: BackupResourceHook defines a hook for aresource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command and argumentsto execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximum amountof time Velero should wait for the hook tocomplete before considering the executiona failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arrayrequired:- nametype: objectnullable: truetype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the backup.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace names toinclude objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource names to includein the backup. If empty, all resources are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filter withwhen adding individual objects to the backup. If empty or nil,all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selector requirements.The requirements are ANDed.items:description: A label selector requirement is a selector thatcontains values, a key, and an operator that relates thekey and values.properties:key:description: key is the label key that the selector appliesto.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn, Existsand DoesNotExist.type: stringvalues:description: values is an array of string values. If theoperator is In or NotIn, the values array must be non-empty.If the operator is Exists or DoesNotExist, the valuesarray must be empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. A single{key,value} in the matchLabels map is equivalent to an elementof matchExpressions, whose key field is "key", the operatoris "In", and the values array contains only "value". The requirementsare ANDed.type: objecttype: objectmetadata:properties:labels:additionalProperties:type: stringtype: objecttype: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelector tofilter with when adding individual objects to the backup. If multipleprovided they will be joined by the OR operator. LabelSelectoras well as OrLabelSelectors cannot co-exist in backup request,only one of them can be used.items:description: A label selector is a label query over a set of resources.The result of matchLabels and matchExpressions are ANDed. Anempty label selector matches all objects. A null label selectormatches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values. Ifthe operator is In or NotIn, the values array mustbe non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replacedduring a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. Asingle {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is "key",the operator is "In", and the values array contains only"value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arrayorderedResources:additionalProperties:type: stringdescription: OrderedResources specifies the backup order of resourcesof specific Kind. The map key is the Kind name and value is alist of resource names separated by commas. Each resource namehas format "namespace/resourcename". For cluster resources, simplyuse "resourcename".nullable: truetype: objectsnapshotVolumes:description: SnapshotVolumes specifies whether to take cloud snapshotsof any PV's referenced in the set of objects included in the Backup.nullable: truetype: booleanstorageLocation:description: StorageLocation is a string containing the name ofa BackupStorageLocation where the backup should be stored.type: stringttl:description: TTL is a time.Duration-parseable string describinghow long the Backup should be retained for.type: stringvolumeSnapshotLocations:description: VolumeSnapshotLocations is a list containing namesof VolumeSnapshotLocations associated with this backup.items:type: stringtype: arraytype: objectstatus:description: BackupStatus captures the current status of a Velero backup.properties:completionTimestamp:description: CompletionTimestamp records the time a backup was completed.Completion time is recorded even on failed backups. Completiontime is recorded before uploading the backup object. The server'stime is used for CompletionTimestampsformat: date-timenullable: truetype: stringcsiVolumeSnapshotsAttempted:description: CSIVolumeSnapshotsAttempted is the total number ofattempted CSI VolumeSnapshots for this backup.type: integercsiVolumeSnapshotsCompleted:description: CSIVolumeSnapshotsCompleted is the total number ofsuccessfully completed CSI VolumeSnapshots for this backup.type: integererrors:description: Errors is a count of all error messages that were generatedduring execution of the backup. The actual errors are in thebackup's log file in object storage.type: integerexpiration:description: Expiration is when this Backup is eligible for garbage-collection.format: date-timenullable: truetype: stringfailureReason:description: FailureReason is an error that caused the entire backupto fail.type: stringformatVersion:description: FormatVersion is the backup format version, includingmajor, minor, and patch version.type: stringphase:description: Phase is the current state of the Backup.enum:- New- FailedValidation- InProgress- Completed- PartiallyFailed- Failed- Deletingtype: stringprogress:description: Progress contains information about the backup's executionprogress. Note that this information is best-effort only -- ifVelero fails to update it during a backup for any reason, it maybe inaccurate/stale.nullable: trueproperties:itemsBackedUp:description: ItemsBackedUp is the number of items that haveactually been written to the backup tarball so far.type: integertotalItems:description: TotalItems is the total number of items to be backedup. This number may change throughout the execution of thebackup due to plugins that return additional related itemsto back up, the velero.io/exclude-from-backup label, and variousother filters that happen as items are processed.type: integertype: objectstartTimestamp:description: StartTimestamp records the time a backup was started.Separate from CreationTimestamp, since that value changes on restores.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable).items:type: stringnullable: truetype: arrayversion:description: 'Version is the backup format major version. Deprecated:Please see FormatVersion'type: integervolumeSnapshotsAttempted:description: VolumeSnapshotsAttempted is the total number of attemptedvolume snapshots for this backup.type: integervolumeSnapshotsCompleted:description: VolumeSnapshotsCompleted is the total number of successfullycompleted volume snapshots for this backup.type: integerwarnings:description: Warnings is a count of all warning messages that weregenerated during execution of the backup. The actual warningsare in the backup's log file in object storage.type: integertype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: backupstoragelocations.velero.iospec:group: velero.ionames:kind: BackupStorageLocationlistKind: BackupStorageLocationListplural: backupstoragelocationsshortNames:- bslsingular: backupstoragelocationscope: Namespacedversions:- additionalPrinterColumns:- description: Backup Storage Location status such as Available/UnavailablejsonPath: .status.phasename: Phasetype: string- description: LastValidationTime is the last time the backup store locationwas validatedjsonPath: .status.lastValidationTimename: Last Validatedtype: date- jsonPath: .metadata.creationTimestampname: Agetype: date- description: Default backup storage locationjsonPath: .spec.defaultname: Defaulttype: booleanname: v1schema:openAPIV3Schema:description: BackupStorageLocation is a location where Velero stores backupobjectsproperties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: BackupStorageLocationSpec defines the desired state ofa Velero BackupStorageLocationproperties:accessMode:description: AccessMode defines the permissions for the backup storagelocation.enum:- ReadOnly- ReadWritetype: stringbackupSyncPeriod:description: BackupSyncPeriod defines how frequently to sync backupAPI objects from object storage. A value of 0 disables sync.nullable: truetype: stringconfig:additionalProperties:type: stringdescription: Config is for provider-specific configuration fields.type: objectcredential:description: Credential contains the credential information intendedto be used with this locationproperties:key:description: The key of the secret to select from. Must bea valid secret key.type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid?'type: stringoptional:description: Specify whether the Secret or its key must be definedtype: booleanrequired:- keytype: objectdefault:description: Default indicates this location is the default backupstorage location.type: booleanobjectStorage:description: ObjectStorageLocation specifies the settings necessaryto connect to a provider's object storage.properties:bucket:description: Bucket is the bucket to use for object storage.type: stringcaCert:description: CACert defines a CA bundle to use when verifyingTLS connections to the provider.format: bytetype: stringprefix:description: Prefix is the path inside a bucket to use for Velerostorage. Optional.type: stringrequired:- buckettype: objectprovider:description: Provider is the provider of the backup storage.type: stringvalidationFrequency:description: ValidationFrequency defines how frequently to validatethe corresponding object storage. A value of 0 disables validation.nullable: truetype: stringrequired:- objectStorage- providertype: objectstatus:description: BackupStorageLocationStatus defines the observed stateof BackupStorageLocationproperties:accessMode:description: "AccessMode is an unused field. \n Deprecated: thereis now an AccessMode field on the Spec and this field will beremoved entirely as of v2.0."enum:- ReadOnly- ReadWritetype: stringlastSyncedRevision:description: "LastSyncedRevision is the value of the `metadata/revision`file in the backup storage location the last time the BSL's contentswere synced into the cluster. \n Deprecated: this field is nolonger updated or used for detecting changes to the location'scontents and will be removed entirely in v2.0."type: stringlastSyncedTime:description: LastSyncedTime is the last time the contents of thelocation were synced into the cluster.format: date-timenullable: truetype: stringlastValidationTime:description: LastValidationTime is the last time the backup storelocation was validated the cluster.format: date-timenullable: truetype: stringmessage:description: Message is a message about the backup storage location'sstatus.type: stringphase:description: Phase is the current state of the BackupStorageLocation.enum:- Available- Unavailabletype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: deletebackuprequests.velero.iospec:group: velero.ionames:kind: DeleteBackupRequestlistKind: DeleteBackupRequestListplural: deletebackuprequestssingular: deletebackuprequestscope: Namespacedversions:- additionalPrinterColumns:- description: The name of the backup to be deletedjsonPath: .spec.backupNamename: BackupNametype: string- description: The status of the deletion requestjsonPath: .status.phasename: Statustype: stringname: v1schema:openAPIV3Schema:description: DeleteBackupRequest is a request to delete one or more backups.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: DeleteBackupRequestSpec is the specification for whichbackups to delete.properties:backupName:type: stringrequired:- backupNametype: objectstatus:description: DeleteBackupRequestStatus is the current status of a DeleteBackupRequest.properties:errors:description: Errors contains any errors that were encountered duringthe deletion process.items:type: stringnullable: truetype: arrayphase:description: Phase is the current state of the DeleteBackupRequest.enum:- New- InProgress- Processedtype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: downloadrequests.velero.iospec:group: velero.ionames:kind: DownloadRequestlistKind: DownloadRequestListplural: downloadrequestssingular: downloadrequestscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: DownloadRequest is a request to download an artifact from backupobject storage, such as a backup log file.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: DownloadRequestSpec is the specification for a downloadrequest.properties:target:description: Target is what to download (e.g. logs for a backup).properties:kind:description: Kind is the type of file to download.enum:- BackupLog- BackupContents- BackupVolumeSnapshots- BackupItemSnapshots- BackupResourceList- RestoreLog- RestoreResults- CSIBackupVolumeSnapshots- CSIBackupVolumeSnapshotContentstype: stringname:description: Name is the name of the kubernetes resource withwhich the file is associated.type: stringrequired:- kind- nametype: objectrequired:- targettype: objectstatus:description: DownloadRequestStatus is the current status of a DownloadRequest.properties:downloadURL:description: DownloadURL contains the pre-signed URL for the targetfile.type: stringexpiration:description: Expiration is when this DownloadRequest expires andcan be deleted by the system.format: date-timenullable: truetype: stringphase:description: Phase is the current state of the DownloadRequest.enum:- New- Processedtype: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: podvolumebackups.velero.iospec:group: velero.ionames:kind: PodVolumeBackuplistKind: PodVolumeBackupListplural: podvolumebackupssingular: podvolumebackupscope: Namespacedversions:- additionalPrinterColumns:- description: Pod Volume Backup status such as New/InProgressjsonPath: .status.phasename: Statustype: string- description: Time when this backup was startedjsonPath: .status.startTimestampname: Createdtype: date- description: Namespace of the pod containing the volume to be backed upjsonPath: .spec.pod.namespacename: Namespacetype: string- description: Name of the pod containing the volume to be backed upjsonPath: .spec.pod.namename: Podtype: string- description: Name of the volume to be backed upjsonPath: .spec.volumename: Volumetype: string- description: Restic repository identifier for this backupjsonPath: .spec.repoIdentifiername: Restic Repotype: string- description: Name of the Backup Storage Location where this backup shouldbe storedjsonPath: .spec.backupStorageLocationname: Storage Locationtype: string- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: PodVolumeBackupSpec is the specification for a PodVolumeBackup.properties:backupStorageLocation:description: BackupStorageLocation is the name of the backup storagelocation where the restic repository is stored.type: stringnode:description: Node is the name of the node that the Pod is runningon.type: stringpod:description: Pod is a reference to the pod containing the volumeto be backed up.properties:apiVersion:description: API version of the referent.type: stringfieldPath:description: 'If referring to a piece of an object instead ofan entire object, this string should contain a valid JSON/Gofield access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container withina pod, this would take on a value like: "spec.containers{name}"(where "name" refers to the name of the container that triggeredthe event) or if no container name is specified "spec.containers[2]"(container with index 2 in this pod). This syntax is chosenonly to have some well-defined way of referencing a part ofan object. TODO: this design is not final and this field issubject to change in the future.'type: stringkind:description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'type: stringnamespace:description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'type: stringresourceVersion:description: 'Specific resourceVersion to which this referenceis made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'type: stringuid:description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'type: stringtype: objectrepoIdentifier:description: RepoIdentifier is the restic repository identifier.type: stringtags:additionalProperties:type: stringdescription: Tags are a map of key-value pairs that should be appliedto the volume backup as tags.type: objectvolume:description: Volume is the name of the volume within the Pod tobe backed up.type: stringrequired:- backupStorageLocation- node- pod- repoIdentifier- volumetype: objectstatus:description: PodVolumeBackupStatus is the current status of a PodVolumeBackup.properties:completionTimestamp:description: CompletionTimestamp records the time a backup was completed.Completion time is recorded even on failed backups. Completiontime is recorded before uploading the backup object. The server'stime is used for CompletionTimestampsformat: date-timenullable: truetype: stringmessage:description: Message is a message about the pod volume backup'sstatus.type: stringpath:description: Path is the full path within the controller pod beingbacked up.type: stringphase:description: Phase is the current state of the PodVolumeBackup.enum:- New- InProgress- Completed- Failedtype: stringprogress:description: Progress holds the total number of bytes of the volumeand the current number of backed up bytes. This can be used todisplay progress information about the backup operation.properties:bytesDone:format: int64type: integertotalBytes:format: int64type: integertype: objectsnapshotID:description: SnapshotID is the identifier for the snapshot of thepod volume.type: stringstartTimestamp:description: StartTimestamp records the time a backup was started.Separate from CreationTimestamp, since that value changes on restores.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: podvolumerestores.velero.iospec:group: velero.ionames:kind: PodVolumeRestorelistKind: PodVolumeRestoreListplural: podvolumerestoressingular: podvolumerestorescope: Namespacedversions:- additionalPrinterColumns:- description: Namespace of the pod containing the volume to be restoredjsonPath: .spec.pod.namespacename: Namespacetype: string- description: Name of the pod containing the volume to be restoredjsonPath: .spec.pod.namename: Podtype: string- description: Name of the volume to be restoredjsonPath: .spec.volumename: Volumetype: string- description: Pod Volume Restore status such as New/InProgressjsonPath: .status.phasename: Statustype: string- description: Pod Volume Restore status such as New/InProgressformat: int64jsonPath: .status.progress.totalBytesname: TotalBytestype: integer- description: Pod Volume Restore status such as New/InProgressformat: int64jsonPath: .status.progress.bytesDonename: BytesDonetype: integer- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: PodVolumeRestoreSpec is the specification for a PodVolumeRestore.properties:backupStorageLocation:description: BackupStorageLocation is the name of the backup storagelocation where the restic repository is stored.type: stringpod:description: Pod is a reference to the pod containing the volumeto be restored.properties:apiVersion:description: API version of the referent.type: stringfieldPath:description: 'If referring to a piece of an object instead ofan entire object, this string should contain a valid JSON/Gofield access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container withina pod, this would take on a value like: "spec.containers{name}"(where "name" refers to the name of the container that triggeredthe event) or if no container name is specified "spec.containers[2]"(container with index 2 in this pod). This syntax is chosenonly to have some well-defined way of referencing a part ofan object. TODO: this design is not final and this field issubject to change in the future.'type: stringkind:description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'type: stringnamespace:description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'type: stringresourceVersion:description: 'Specific resourceVersion to which this referenceis made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'type: stringuid:description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'type: stringtype: objectrepoIdentifier:description: RepoIdentifier is the restic repository identifier.type: stringsnapshotID:description: SnapshotID is the ID of the volume snapshot to be restored.type: stringvolume:description: Volume is the name of the volume within the Pod tobe restored.type: stringrequired:- backupStorageLocation- pod- repoIdentifier- snapshotID- volumetype: objectstatus:description: PodVolumeRestoreStatus is the current status of a PodVolumeRestore.properties:completionTimestamp:description: CompletionTimestamp records the time a restore wascompleted. Completion time is recorded even on failed restores.The server's time is used for CompletionTimestampsformat: date-timenullable: truetype: stringmessage:description: Message is a message about the pod volume restore'sstatus.type: stringphase:description: Phase is the current state of the PodVolumeRestore.enum:- New- InProgress- Completed- Failedtype: stringprogress:description: Progress holds the total number of bytes of the snapshotand the current number of restored bytes. This can be used todisplay progress information about the restore operation.properties:bytesDone:format: int64type: integertotalBytes:format: int64type: integertype: objectstartTimestamp:description: StartTimestamp records the time a restore was started.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: resticrepositories.velero.iospec:group: velero.ionames:kind: ResticRepositorylistKind: ResticRepositoryListplural: resticrepositoriessingular: resticrepositoryscope: Namespacedversions:- additionalPrinterColumns:- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ResticRepositorySpec is the specification for a ResticRepository.properties:backupStorageLocation:description: BackupStorageLocation is the name of the BackupStorageLocationthat should contain this repository.type: stringmaintenanceFrequency:description: MaintenanceFrequency is how often maintenance shouldbe run.type: stringresticIdentifier:description: ResticIdentifier is the full restic-compatible stringfor identifying this repository.type: stringvolumeNamespace:description: VolumeNamespace is the namespace this restic repositorycontains pod volume backups for.type: stringrequired:- backupStorageLocation- maintenanceFrequency- resticIdentifier- volumeNamespacetype: objectstatus:description: ResticRepositoryStatus is the current status of a ResticRepository.properties:lastMaintenanceTime:description: LastMaintenanceTime is the last time maintenance wasrun.format: date-timenullable: truetype: stringmessage:description: Message is a message about the current status of theResticRepository.type: stringphase:description: Phase is the current state of the ResticRepository.enum:- New- Ready- NotReadytype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: restores.velero.iospec:group: velero.ionames:kind: RestorelistKind: RestoreListplural: restoressingular: restorescope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: Restore is a Velero resource that represents the applicationof resources from a Velero backup to a target Kubernetes cluster.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: RestoreSpec defines the specification for a Velero restore.properties:backupName:description: BackupName is the unique name of the Velero backupto restore from.type: stringexcludedNamespaces:description: ExcludedNamespaces contains a list of namespaces thatare not included in the restore.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource names thatare not included in the restore.items:type: stringnullable: truetype: arrayexistingResourcePolicy:description: ExistingResourcePolicy specifies the restore behaviourfor the kubernetes resource to be restorednullable: truetype: stringhooks:description: Hooks represent custom behaviors that should be executedduring or post restore.properties:resources:items:description: RestoreResourceHookSpec defines one or more RestoreResrouceHooksthat should be executed based on the rules defined for namespaces,resources, and label selector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filters theresources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In,NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the valuesarray must be non-empty. If the operator isExists or DoesNotExist, the values array mustbe empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key fieldis "key", the operator is "In", and the values arraycontains only "value". The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpostHooks:description: PostHooks is a list of RestoreResourceHooksto execute during and after restoring a resource.items:description: RestoreResourceHook defines a restore hookfor a resource.properties:exec:description: Exec defines an exec restore hook.properties:command:description: Command is the command and argumentsto execute from within a container after apod has been restored.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringexecTimeout:description: ExecTimeout defines the maximumamount of time Velero should wait for thehook to complete before considering the executiona failure.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringwaitTimeout:description: WaitTimeout defines the maximumamount of time Velero should wait for thecontainer to be Ready before attempting torun the command.type: stringrequired:- commandtype: objectinit:description: Init defines an init restore hook.properties:initContainers:description: InitContainers is list of initcontainers to be added to a pod during itsrestore.items:description: A single application containerthat you want to run within a pod.properties:args:description: 'Arguments to the entrypoint.The container image''s CMD is used ifthis is not provided. Variable references$(VAR_NAME) are expanded using the container''senvironment. If a variable cannot beresolved, the reference in the inputstring will be unchanged. Double $$are reduced to a single $, which allowsfor escaping the $(VAR_NAME) syntax:i.e. "$$(VAR_NAME)" will produce thestring literal "$(VAR_NAME)". Escapedreferences will never be expanded, regardlessof whether the variable exists or not.Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'items:type: stringtype: arraycommand:description: 'Entrypoint array. Not executedwithin a shell. The container image''sENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) areexpanded using the container''s environment.If a variable cannot be resolved, thereference in the input string will beunchanged. Double $$ are reduced toa single $, which allows for escapingthe $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"will produce the string literal "$(VAR_NAME)".Escaped references will never be expanded,regardless of whether the variable existsor not. Cannot be updated. More info:https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'items:type: stringtype: arrayenv:description: List of environment variablesto set in the container. Cannot be updated.items:description: EnvVar represents an environmentvariable present in a Container.properties:name:description: Name of the environmentvariable. Must be a C_IDENTIFIER.type: stringvalue:description: 'Variable references$(VAR_NAME) are expanded usingthe previously defined environmentvariables in the container andany service environment variables.If a variable cannot be resolved,the reference in the input stringwill be unchanged. Double $$ arereduced to a single $, which allowsfor escaping the $(VAR_NAME) syntax:i.e. "$$(VAR_NAME)" will producethe string literal "$(VAR_NAME)".Escaped references will neverbe expanded, regardless of whetherthe variable exists or not. Defaultsto "".'type: stringvalueFrom:description: Source for the environmentvariable's value. Cannot be usedif value is not empty.properties:configMapKeyRef:description: Selects a key ofa ConfigMap.properties:key:description: The key toselect.type: stringname:description: 'Name of thereferent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other usefulfields. apiVersion, kind,uid?'type: stringoptional:description: Specify whetherthe ConfigMap or its keymust be definedtype: booleanrequired:- keytype: objectfieldRef:description: 'Selects a fieldof the pod: supports metadata.name,metadata.namespace, `metadata.labels[''<KEY>'']`,`metadata.annotations[''<KEY>'']`,spec.nodeName, spec.serviceAccountName,status.hostIP, status.podIP,status.podIPs.'properties:apiVersion:description: Version ofthe schema the FieldPathis written in terms of,defaults to "v1".type: stringfieldPath:description: Path of thefield to select in thespecified API version.type: stringrequired:- fieldPathtype: objectresourceFieldRef:description: 'Selects a resourceof the container: only resourceslimits and requests (limits.cpu,limits.memory, limits.ephemeral-storage,requests.cpu, requests.memoryand requests.ephemeral-storage)are currently supported.'properties:containerName:description: 'Containername: required for volumes,optional for env vars'type: stringdivisor:anyOf:- type: integer- type: stringdescription: Specifies theoutput format of the exposedresources, defaults to"1"pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: trueresource:description: 'Required:resource to select'type: stringrequired:- resourcetype: objectsecretKeyRef:description: Selects a key ofa secret in the pod's namespaceproperties:key:description: The key ofthe secret to select from. Mustbe a valid secret key.type: stringname:description: 'Name of thereferent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other usefulfields. apiVersion, kind,uid?'type: stringoptional:description: Specify whetherthe Secret or its keymust be definedtype: booleanrequired:- keytype: objecttype: objectrequired:- nametype: objecttype: arrayenvFrom:description: List of sources to populateenvironment variables in the container.The keys defined within a source mustbe a C_IDENTIFIER. All invalid keyswill be reported as an event when thecontainer is starting. When a key existsin multiple sources, the value associatedwith the last source will take precedence.Values defined by an Env with a duplicatekey will take precedence. Cannot beupdated.items:description: EnvFromSource representsthe source of a set of ConfigMapsproperties:configMapRef:description: The ConfigMap to selectfromproperties:name:description: 'Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields.apiVersion, kind, uid?'type: stringoptional:description: Specify whetherthe ConfigMap must be definedtype: booleantype: objectprefix:description: An optional identifierto prepend to each key in theConfigMap. Must be a C_IDENTIFIER.type: stringsecretRef:description: The Secret to selectfromproperties:name:description: 'Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields.apiVersion, kind, uid?'type: stringoptional:description: Specify whetherthe Secret must be definedtype: booleantype: objecttype: objecttype: arrayimage:description: 'Container image name. Moreinfo: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higherlevel config management to default oroverride container images in workloadcontrollers like Deployments and StatefulSets.'type: stringimagePullPolicy:description: 'Image pull policy. One ofAlways, Never, IfNotPresent. Defaultsto Always if :latest tag is specified,or IfNotPresent otherwise. Cannot beupdated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'type: stringlifecycle:description: Actions that the managementsystem should take in response to containerlifecycle events. Cannot be updated.properties:postStart:description: 'PostStart is calledimmediately after a container iscreated. If the handler fails, thecontainer is terminated and restartedaccording to its restart policy.Other management of the containerblocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'properties:exec:description: Exec specifies theaction to take.properties:command:description: Command is thecommand line to executeinside the container, theworking directory for thecommand is root ('/') inthe container's filesystem.The command is simply exec'd,it is not run inside a shell,so traditional shell instructions('|', etc) won't work. Touse a shell, you need toexplicitly call out to thatshell. Exit status of 0is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objecthttpGet:description: HTTPGet specifiesthe http request to perform.properties:host:description: Host name toconnect to, defaults tothe pod IP. You probablywant to set "Host" in httpHeadersinstead.type: stringhttpHeaders:description: Custom headersto set in the request. HTTPallows repeated headers.items:description: HTTPHeaderdescribes a custom headerto be used in HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to accesson the HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or numberof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to usefor connecting to the host.Defaults to HTTP.type: stringrequired:- porttype: objecttcpSocket:description: Deprecated. TCPSocketis NOT supported as a LifecycleHandlerand kept for the backward compatibility.There are no validation of thisfield and lifecycle hooks willfail in runtime when tcp handleris specified.properties:host:description: 'Optional: Hostname to connect to, defaultsto the pod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or nameof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objecttype: objectpreStop:description: 'PreStop is called immediatelybefore a container is terminateddue to an API request or managementevent such as liveness/startup probefailure, preemption, resource contention,etc. The handler is not called ifthe container crashes or exits.The Pod''s termination grace periodcountdown begins before the PreStophook is executed. Regardless ofthe outcome of the handler, thecontainer will eventually terminatewithin the Pod''s termination graceperiod (unless delayed by finalizers).Other management of the containerblocks until the hook completesor until the termination grace periodis reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'properties:exec:description: Exec specifies theaction to take.properties:command:description: Command is thecommand line to executeinside the container, theworking directory for thecommand is root ('/') inthe container's filesystem.The command is simply exec'd,it is not run inside a shell,so traditional shell instructions('|', etc) won't work. Touse a shell, you need toexplicitly call out to thatshell. Exit status of 0is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objecthttpGet:description: HTTPGet specifiesthe http request to perform.properties:host:description: Host name toconnect to, defaults tothe pod IP. You probablywant to set "Host" in httpHeadersinstead.type: stringhttpHeaders:description: Custom headersto set in the request. HTTPallows repeated headers.items:description: HTTPHeaderdescribes a custom headerto be used in HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to accesson the HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or numberof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to usefor connecting to the host.Defaults to HTTP.type: stringrequired:- porttype: objecttcpSocket:description: Deprecated. TCPSocketis NOT supported as a LifecycleHandlerand kept for the backward compatibility.There are no validation of thisfield and lifecycle hooks willfail in runtime when tcp handleris specified.properties:host:description: 'Optional: Hostname to connect to, defaultsto the pod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or nameof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objecttype: objecttype: objectlivenessProbe:description: 'Periodic probe of containerliveness. Container will be restartedif the probe fails. Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectname:description: Name of the container specifiedas a DNS_LABEL. Each container in apod must have a unique name (DNS_LABEL).Cannot be updated.type: stringports:description: List of ports to expose fromthe container. Exposing a port heregives the system additional informationabout the network connections a containeruses, but is primarily informational.Not specifying a port here DOES NOTprevent that port from being exposed.Any port which is listening on the default"0.0.0.0" address inside a containerwill be accessible from the network.Cannot be updated.items:description: ContainerPort representsa network port in a single container.properties:containerPort:description: Number of port to exposeon the pod's IP address. Thismust be a valid port number, 0< x < 65536.format: int32type: integerhostIP:description: What host IP to bindthe external port to.type: stringhostPort:description: Number of port to exposeon the host. If specified, thismust be a valid port number, 0< x < 65536. If HostNetwork isspecified, this must match ContainerPort.Most containers do not need this.format: int32type: integername:description: If specified, thismust be an IANA_SVC_NAME and uniquewithin the pod. Each named portin a pod must have a unique name.Name for the port that can bereferred to by services.type: stringprotocol:default: TCPdescription: Protocol for port.Must be UDP, TCP, or SCTP. Defaultsto "TCP".type: stringrequired:- containerPort- protocoltype: objecttype: arrayx-kubernetes-list-map-keys:- containerPort- protocolx-kubernetes-list-type: mapreadinessProbe:description: 'Periodic probe of containerservice readiness. Container will beremoved from service endpoints if theprobe fails. Cannot be updated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectresources:description: 'Compute Resources requiredby this container. Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'properties:limits:additionalProperties:anyOf:- type: integer- type: stringpattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: truedescription: 'Limits describes themaximum amount of compute resourcesallowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'type: objectrequests:additionalProperties:anyOf:- type: integer- type: stringpattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: truedescription: 'Requests describes theminimum amount of compute resourcesrequired. If Requests is omittedfor a container, it defaults toLimits if that is explicitly specified,otherwise to an implementation-definedvalue. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'type: objecttype: objectsecurityContext:description: 'SecurityContext definesthe security options the container shouldbe run with. If set, the fields of SecurityContextoverride the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'properties:allowPrivilegeEscalation:description: 'AllowPrivilegeEscalationcontrols whether a process can gainmore privileges than its parentprocess. This bool directly controlsif the no_new_privs flag will beset on the container process. AllowPrivilegeEscalationis true always when the containeris: 1) run as Privileged 2) hasCAP_SYS_ADMIN Note that this fieldcannot be set when spec.os.nameis windows.'type: booleancapabilities:description: The capabilities to add/dropwhen running containers. Defaultsto the default set of capabilitiesgranted by the container runtime.Note that this field cannot be setwhen spec.os.name is windows.properties:add:description: Added capabilitiesitems:description: Capability representPOSIX capabilities typetype: stringtype: arraydrop:description: Removed capabilitiesitems:description: Capability representPOSIX capabilities typetype: stringtype: arraytype: objectprivileged:description: Run container in privilegedmode. Processes in privileged containersare essentially equivalent to rooton the host. Defaults to false.Note that this field cannot be setwhen spec.os.name is windows.type: booleanprocMount:description: procMount denotes thetype of proc mount to use for thecontainers. The default is DefaultProcMountwhich uses the container runtimedefaults for readonly paths andmasked paths. This requires theProcMountType feature flag to beenabled. Note that this field cannotbe set when spec.os.name is windows.type: stringreadOnlyRootFilesystem:description: Whether this containerhas a read-only root filesystem.Default is false. Note that thisfield cannot be set when spec.os.nameis windows.type: booleanrunAsGroup:description: The GID to run the entrypointof the container process. Uses runtimedefault if unset. May also be setin PodSecurityContext. If set inboth SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.format: int64type: integerrunAsNonRoot:description: Indicates that the containermust run as a non-root user. Iftrue, the Kubelet will validatethe image at runtime to ensure thatit does not run as UID 0 (root)and fail to start the containerif it does. If unset or false, nosuch validation will be performed.May also be set in PodSecurityContext. Ifset in both SecurityContext andPodSecurityContext, the value specifiedin SecurityContext takes precedence.type: booleanrunAsUser:description: The UID to run the entrypointof the container process. Defaultsto user specified in image metadataif unspecified. May also be setin PodSecurityContext. If set inboth SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.format: int64type: integerseLinuxOptions:description: The SELinux context tobe applied to the container. Ifunspecified, the container runtimewill allocate a random SELinux contextfor each container. May also beset in PodSecurityContext. If setin both SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.properties:level:description: Level is SELinuxlevel label that applies tothe container.type: stringrole:description: Role is a SELinuxrole label that applies to thecontainer.type: stringtype:description: Type is a SELinuxtype label that applies to thecontainer.type: stringuser:description: User is a SELinuxuser label that applies to thecontainer.type: stringtype: objectseccompProfile:description: The seccomp options touse by this container. If seccompoptions are provided at both thepod & container level, the containeroptions override the pod options.Note that this field cannot be setwhen spec.os.name is windows.properties:localhostProfile:description: localhostProfileindicates a profile definedin a file on the node shouldbe used. The profile must bepreconfigured on the node towork. Must be a descending path,relative to the kubelet's configuredseccomp profile location. Mustonly be set if type is "Localhost".type: stringtype:description: "type indicates whichkind of seccomp profile willbe applied. Valid options are:\n Localhost - a profile definedin a file on the node shouldbe used. RuntimeDefault - thecontainer runtime default profileshould be used. Unconfined -no profile should be applied."type: stringrequired:- typetype: objectwindowsOptions:description: The Windows specificsettings applied to all containers.If unspecified, the options fromthe PodSecurityContext will be used.If set in both SecurityContext andPodSecurityContext, the value specifiedin SecurityContext takes precedence.Note that this field cannot be setwhen spec.os.name is linux.properties:gmsaCredentialSpec:description: GMSACredentialSpecis where the GMSA admissionwebhook (https://github.com/kubernetes-sigs/windows-gmsa)inlines the contents of theGMSA credential spec named bythe GMSACredentialSpecName field.type: stringgmsaCredentialSpecName:description: GMSACredentialSpecNameis the name of the GMSA credentialspec to use.type: stringhostProcess:description: HostProcess determinesif a container should be runas a 'Host Process' container.This field is alpha-level andwill only be honored by componentsthat enable the WindowsHostProcessContainersfeature flag. Setting this fieldwithout the feature flag willresult in errors when validatingthe Pod. All of a Pod's containersmust have the same effectiveHostProcess value (it is notallowed to have a mix of HostProcesscontainers and non-HostProcesscontainers). In addition, ifHostProcess is true then HostNetworkmust also be set to true.type: booleanrunAsUserName:description: The UserName in Windowsto run the entrypoint of thecontainer process. Defaultsto the user specified in imagemetadata if unspecified. Mayalso be set in PodSecurityContext.If set in both SecurityContextand PodSecurityContext, thevalue specified in SecurityContexttakes precedence.type: stringtype: objecttype: objectstartupProbe:description: 'StartupProbe indicates thatthe Pod has successfully initialized.If specified, no other probes are executeduntil this completes successfully. Ifthis probe fails, the Pod will be restarted,just as if the livenessProbe failed.This can be used to provide differentprobe parameters at the beginning ofa Pod''s lifecycle, when it might takea long time to load data or warm a cache,than during steady-state operation.This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectstdin:description: Whether this container shouldallocate a buffer for stdin in the containerruntime. If this is not set, reads fromstdin in the container will always resultin EOF. Default is false.type: booleanstdinOnce:description: Whether the container runtimeshould close the stdin channel afterit has been opened by a single attach.When stdin is true the stdin streamwill remain open across multiple attachsessions. If stdinOnce is set to true,stdin is opened on container start,is empty until the first client attachesto stdin, and then remains open andaccepts data until the client disconnects,at which time stdin is closed and remainsclosed until the container is restarted.If this flag is false, a container processesthat reads from stdin will never receivean EOF. Default is falsetype: booleanterminationMessagePath:description: 'Optional: Path at whichthe file to which the container''s terminationmessage will be written is mounted intothe container''s filesystem. Messagewritten is intended to be brief finalstatus, such as an assertion failuremessage. Will be truncated by the nodeif greater than 4096 bytes. The totalmessage length across all containerswill be limited to 12kb. Defaults to/dev/termination-log. Cannot be updated.'type: stringterminationMessagePolicy:description: Indicate how the terminationmessage should be populated. File willuse the contents of terminationMessagePathto populate the container status messageon both success and failure. FallbackToLogsOnErrorwill use the last chunk of containerlog output if the termination messagefile is empty and the container exitedwith an error. The log output is limitedto 2048 bytes or 80 lines, whicheveris smaller. Defaults to File. Cannotbe updated.type: stringtty:description: Whether this container shouldallocate a TTY for itself, also requires'stdin' to be true. Default is false.type: booleanvolumeDevices:description: volumeDevices is the listof block devices to be used by the container.items:description: volumeDevice describesa mapping of a raw block device withina container.properties:devicePath:description: devicePath is the pathinside of the container that thedevice will be mapped to.type: stringname:description: name must match thename of a persistentVolumeClaimin the podtype: stringrequired:- devicePath- nametype: objecttype: arrayvolumeMounts:description: Pod volumes to mount intothe container's filesystem. Cannot beupdated.items:description: VolumeMount describes amounting of a Volume within a container.properties:mountPath:description: Path within the containerat which the volume should bemounted. Must not contain ':'.type: stringmountPropagation:description: mountPropagation determineshow mounts are propagated fromthe host to container and theother way around. When not set,MountPropagationNone is used.This field is beta in 1.10.type: stringname:description: This must match theName of a Volume.type: stringreadOnly:description: Mounted read-only iftrue, read-write otherwise (falseor unspecified). Defaults to false.type: booleansubPath:description: Path within the volumefrom which the container's volumeshould be mounted. Defaults to"" (volume's root).type: stringsubPathExpr:description: Expanded path withinthe volume from which the container'svolume should be mounted. Behavessimilarly to SubPath but environmentvariable references $(VAR_NAME)are expanded using the container'senvironment. Defaults to "" (volume'sroot). SubPathExpr and SubPathare mutually exclusive.type: stringrequired:- mountPath- nametype: objecttype: arrayworkingDir:description: Container's working directory.If not specified, the container runtime'sdefault will be used, which might beconfigured in the container image. Cannotbe updated.type: stringrequired:- nametype: objecttype: arraytimeout:description: Timeout defines the maximum amountof time Velero should wait for the initContainersto complete.type: stringtype: objecttype: objecttype: arrayrequired:- nametype: objecttype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the restore.If null, defaults to true.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace names toinclude objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource names to includein the restore. If empty, all resources in the backup are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filter withwhen restoring individual objects from the backup. If empty ornil, all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selector requirements.The requirements are ANDed.items:description: A label selector requirement is a selector thatcontains values, a key, and an operator that relates thekey and values.properties:key:description: key is the label key that the selector appliesto.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn, Existsand DoesNotExist.type: stringvalues:description: values is an array of string values. If theoperator is In or NotIn, the values array must be non-empty.If the operator is Exists or DoesNotExist, the valuesarray must be empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. A single{key,value} in the matchLabels map is equivalent to an elementof matchExpressions, whose key field is "key", the operatoris "In", and the values array contains only "value". The requirementsare ANDed.type: objecttype: objectnamespaceMapping:additionalProperties:type: stringdescription: NamespaceMapping is a map of source namespace namesto target namespace names to restore into. Any source namespacesnot included in the map will be restored into namespaces of thesame name.type: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelector tofilter with when restoring individual objects from the backup.If multiple provided they will be joined by the OR operator. LabelSelectoras well as OrLabelSelectors cannot co-exist in restore request,only one of them can be useditems:description: A label selector is a label query over a set of resources.The result of matchLabels and matchExpressions are ANDed. Anempty label selector matches all objects. A null label selectormatches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values. Ifthe operator is In or NotIn, the values array mustbe non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replacedduring a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. Asingle {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is "key",the operator is "In", and the values array contains only"value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arraypreserveNodePorts:description: PreserveNodePorts specifies whether to restore oldnodePorts from backup.nullable: truetype: booleanrestorePVs:description: RestorePVs specifies whether to restore all includedPVs from snapshot (via the cloudprovider).nullable: truetype: booleanrestoreStatus:description: RestoreStatus specifies which resources we should restorethe status field. If nil, no objects are included. Optional.nullable: trueproperties:excludedResources:description: ExcludedResources specifies the resources to whichwill not restore the status.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resources to whichwill restore the status. If empty, it applies to all resources.items:type: stringnullable: truetype: arraytype: objectscheduleName:description: ScheduleName is the unique name of the Velero scheduleto restore from. If specified, and BackupName is empty, Velerowill restore from the most recent successful backup created fromthis schedule.type: stringrequired:- backupNametype: objectstatus:description: RestoreStatus captures the current status of a Velero restoreproperties:completionTimestamp:description: CompletionTimestamp records the time the restore operationwas completed. Completion time is recorded even on failed restore.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringerrors:description: Errors is a count of all error messages that were generatedduring execution of the restore. The actual errors are storedin object storage.type: integerfailureReason:description: FailureReason is an error that caused the entire restoreto fail.type: stringphase:description: Phase is the current state of the Restoreenum:- New- FailedValidation- InProgress- Completed- PartiallyFailed- Failedtype: stringprogress:description: Progress contains information about the restore's executionprogress. Note that this information is best-effort only -- ifVelero fails to update it during a restore for any reason, itmay be inaccurate/stale.nullable: trueproperties:itemsRestored:description: ItemsRestored is the number of items that haveactually been restored so fartype: integertotalItems:description: TotalItems is the total number of items to be restored.This number may change throughout the execution of the restoredue to plugins that return additional related items to restoretype: integertype: objectstartTimestamp:description: StartTimestamp records the time the restore operationwas started. The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable)items:type: stringnullable: truetype: arraywarnings:description: Warnings is a count of all warning messages that weregenerated during execution of the restore. The actual warningsare stored in object storage.type: integertype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: schedules.velero.iospec:group: velero.ionames:kind: SchedulelistKind: ScheduleListplural: schedulessingular: schedulescope: Namespacedversions:- additionalPrinterColumns:- description: Status of the schedulejsonPath: .status.phasename: Statustype: string- description: A Cron expression defining when to run the BackupjsonPath: .spec.schedulename: Scheduletype: string- description: The last time a Backup was run for this schedulejsonPath: .status.lastBackupname: LastBackuptype: date- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:description: Schedule is a Velero resource that represents a pre-scheduledor periodic Backup that should be run.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ScheduleSpec defines the specification for a Velero scheduleproperties:schedule:description: Schedule is a Cron expression defining when to runthe Backup.type: stringtemplate:description: Template is the definition of the Backup to be runon the provided scheduleproperties:csiSnapshotTimeout:description: CSISnapshotTimeout specifies the time used to waitfor CSI VolumeSnapshot status turns to ReadyToUse during creation,before returning error as timeout. The default value is 10minute.type: stringdefaultVolumesToRestic:description: DefaultVolumesToRestic specifies whether resticshould be used to take a backup of all pod volumes by default.type: booleanexcludedNamespaces:description: ExcludedNamespaces contains a list of namespacesthat are not included in the backup.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource namesthat are not included in the backup.items:type: stringnullable: truetype: arrayhooks:description: Hooks represent custom behaviors that should beexecuted at different phases of the backup.properties:resources:description: Resources are hooks that should be executedwhen backing up individual instances of a resource.items:description: BackupResourceHookSpec defines one or moreBackupResourceHooks that should be executed based onthe rules defined for namespaces, resources, and labelselector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filtersthe resources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of labelselector requirements. The requirements areANDed.items:description: A label selector requirement isa selector that contains values, a key, andan operator that relates the key and values.properties:key:description: key is the label key that theselector applies to.type: stringoperator:description: operator represents a key'srelationship to a set of values. Validoperators are In, NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of stringvalues. If the operator is In or NotIn,the values array must be non-empty. Ifthe operator is Exists or DoesNotExist,the values array must be empty. This arrayis replaced during a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value}pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions,whose key field is "key", the operator is "In",and the values array contains only "value".The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpost:description: PostHooks is a list of BackupResourceHooksto execute after storing the item in the backup.These are executed after all "additional items"from item actions are processed.items:description: BackupResourceHook defines a hook fora resource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command andarguments to execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the containerin the pod where the command should beexecuted. If not specified, the pod'sfirst container is used.type: stringonError:description: OnError specifies how Veleroshould behave if it encounters an errorexecuting this hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximumamount of time Velero should wait forthe hook to complete before consideringthe execution a failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arraypre:description: PreHooks is a list of BackupResourceHooksto execute prior to storing the item in the backup.These are executed before any "additional items"from item actions are processed.items:description: BackupResourceHook defines a hook fora resource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command andarguments to execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the containerin the pod where the command should beexecuted. If not specified, the pod'sfirst container is used.type: stringonError:description: OnError specifies how Veleroshould behave if it encounters an errorexecuting this hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximumamount of time Velero should wait forthe hook to complete before consideringthe execution a failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arrayrequired:- nametype: objectnullable: truetype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the backup.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace namesto include objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource namesto include in the backup. If empty, all resources are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filterwith when adding individual objects to the backup. If emptyor nil, all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the values arraymust be non-empty. If the operator is Exists orDoesNotExist, the values array must be empty. Thisarray is replaced during a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is"key", the operator is "In", and the values array containsonly "value". The requirements are ANDed.type: objecttype: objectmetadata:properties:labels:additionalProperties:type: stringtype: objecttype: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelectorto filter with when adding individual objects to the backup.If multiple provided they will be joined by the OR operator.LabelSelector as well as OrLabelSelectors cannot co-existin backup request, only one of them can be used.items:description: A label selector is a label query over a setof resources. The result of matchLabels and matchExpressionsare ANDed. An empty label selector matches all objects.A null label selector matches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the values arraymust be non-empty. If the operator is Exists orDoesNotExist, the values array must be empty.This array is replaced during a strategic mergepatch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is"key", the operator is "In", and the values array containsonly "value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arrayorderedResources:additionalProperties:type: stringdescription: OrderedResources specifies the backup order ofresources of specific Kind. The map key is the Kind name andvalue is a list of resource names separated by commas. Eachresource name has format "namespace/resourcename". For clusterresources, simply use "resourcename".nullable: truetype: objectsnapshotVolumes:description: SnapshotVolumes specifies whether to take cloudsnapshots of any PV's referenced in the set of objects includedin the Backup.nullable: truetype: booleanstorageLocation:description: StorageLocation is a string containing the nameof a BackupStorageLocation where the backup should be stored.type: stringttl:description: TTL is a time.Duration-parseable string describinghow long the Backup should be retained for.type: stringvolumeSnapshotLocations:description: VolumeSnapshotLocations is a list containing namesof VolumeSnapshotLocations associated with this backup.items:type: stringtype: arraytype: objectuseOwnerReferencesInBackup:description: UseOwnerReferencesBackup specifies whether to use OwnerReferenceson backups created by this Schedule.nullable: truetype: booleanrequired:- schedule- templatetype: objectstatus:description: ScheduleStatus captures the current state of a Velero scheduleproperties:lastBackup:description: LastBackup is the last time a Backup was run for thisSchedule scheduleformat: date-timenullable: truetype: stringphase:description: Phase is the current phase of the Scheduleenum:- New- Enabled- FailedValidationtype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable)items:type: stringtype: arraytype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: serverstatusrequests.velero.iospec:group: velero.ionames:kind: ServerStatusRequestlistKind: ServerStatusRequestListplural: serverstatusrequestsshortNames:- ssrsingular: serverstatusrequestscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: ServerStatusRequest is a request to access current status informationabout the Velero server.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ServerStatusRequestSpec is the specification for a ServerStatusRequest.type: objectstatus:description: ServerStatusRequestStatus is the current status of a ServerStatusRequest.properties:phase:description: Phase is the current lifecycle phase of the ServerStatusRequest.enum:- New- Processedtype: stringplugins:description: Plugins list information about the plugins runningon the Velero serveritems:description: PluginInfo contains attributes of a Velero pluginproperties:kind:type: stringname:type: stringrequired:- kind- nametype: objectnullable: truetype: arrayprocessedTimestamp:description: ProcessedTimestamp is when the ServerStatusRequestwas processed by the ServerStatusRequestController.format: date-timenullable: truetype: stringserverVersion:description: ServerVersion is the Velero server version.type: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: volumesnapshotlocations.velero.iospec:group: velero.ionames:kind: VolumeSnapshotLocationlistKind: VolumeSnapshotLocationListplural: volumesnapshotlocationssingular: volumesnapshotlocationscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: VolumeSnapshotLocation is a location where Velero stores volumesnapshots.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: VolumeSnapshotLocationSpec defines the specification fora Velero VolumeSnapshotLocation.properties:config:additionalProperties:type: stringdescription: Config is for provider-specific configuration fields.type: objectprovider:description: Provider is the provider of the volume storage.type: stringrequired:- providertype: objectstatus:description: VolumeSnapshotLocationStatus describes the current statusof a Velero VolumeSnapshotLocation.properties:phase:description: VolumeSnapshotLocationPhase is the lifecycle phaseof a Velero VolumeSnapshotLocation.enum:- Available- Unavailabletype: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: v1kind: Namespacemetadata:creationTimestamp: nulllabels:component: veleroname: velerospec: {}
- apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata:creationTimestamp: nulllabels:component: veleroname: veleroroleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-adminsubjects:- kind: ServiceAccountname: veleronamespace: velero
- apiVersion: v1kind: ServiceAccountmetadata:creationTimestamp: nulllabels:component: veleroname: veleronamespace: velero
- apiVersion: v1data:cloud: W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkPW1pbmlvYWRtaW4KYXdzX3NlY3JldF9hY2Nlc3Nfa2V5PW1pbmlvYWRtaW4Kkind: Secretmetadata:creationTimestamp: nulllabels:component: veleroname: cloud-credentialsnamespace: velerotype: Opaque
- apiVersion: velero.io/v1kind: BackupStorageLocationmetadata:creationTimestamp: nulllabels:component: veleroname: defaultnamespace: velerospec:config:region: minios3ForcePathStyle: "true"s3Url: http://192.168.123.11:39111default: trueobjectStorage:bucket: veleroprovider: aws
- apiVersion: apps/v1kind: Deploymentmetadata:creationTimestamp: nulllabels:component: veleroname: veleronamespace: velerospec:selector:matchLabels:deploy: velerostrategy: {}template:metadata:annotations:prometheus.io/path: /metricsprometheus.io/port: "8085"prometheus.io/scrape: "true"creationTimestamp: nulllabels:component: velerodeploy: velerospec:containers:- args:- server- --features=command:- /veleroenv:- name: VELERO_SCRATCH_DIRvalue: /scratch- name: VELERO_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: LD_LIBRARY_PATHvalue: /plugins- name: GOOGLE_APPLICATION_CREDENTIALSvalue: /credentials/cloud- name: AWS_SHARED_CREDENTIALS_FILEvalue: /credentials/cloud- name: AZURE_CREDENTIALS_FILEvalue: /credentials/cloud- name: ALIBABA_CLOUD_CREDENTIALS_FILEvalue: /credentials/cloudimage: velero/velero:v1.9.4imagePullPolicy: IfNotPresentname: veleroports:- containerPort: 8085name: metricsresources:limits:cpu: "1"memory: 512Mirequests:cpu: 500mmemory: 128MivolumeMounts:- mountPath: /pluginsname: plugins- mountPath: /scratchname: scratch- mountPath: /credentialsname: cloud-credentialsinitContainers:- image: velero/velero-plugin-for-aws:v1.5.0imagePullPolicy: IfNotPresentname: velero-velero-plugin-for-awsresources: {}volumeMounts:- mountPath: /targetname: pluginsrestartPolicy: AlwaysserviceAccountName: velerovolumes:- emptyDir: {}name: plugins- emptyDir: {}name: scratch- name: cloud-credentialssecret:secretName: cloud-credentials
- apiVersion: apps/v1kind: DaemonSetmetadata:creationTimestamp: nulllabels:component: veleroname: resticnamespace: velerospec:selector:matchLabels:name: restictemplate:metadata:creationTimestamp: nulllabels:component: veleroname: resticspec:containers:- args:- restic- server- --features=command:- /veleroenv:- name: NODE_NAMEvalueFrom:fieldRef:fieldPath: spec.nodeName- name: VELERO_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: VELERO_SCRATCH_DIRvalue: /scratch- name: GOOGLE_APPLICATION_CREDENTIALSvalue: /credentials/cloud- name: AWS_SHARED_CREDENTIALS_FILEvalue: /credentials/cloud- name: AZURE_CREDENTIALS_FILEvalue: /credentials/cloud- name: ALIBABA_CLOUD_CREDENTIALS_FILEvalue: /credentials/cloudimage: velero/velero:v1.9.4imagePullPolicy: IfNotPresentname: resticresources:limits:cpu: "1"memory: 1Girequests:cpu: 500mmemory: 512MivolumeMounts:- mountPath: /host_podsmountPropagation: HostToContainername: host-pods- mountPath: /scratchname: scratch- mountPath: /credentialsname: cloud-credentialssecurityContext:runAsUser: 0serviceAccountName: velerovolumes:- hostPath:path: /var/lib/kubelet/podsname: host-pods- emptyDir: {}name: scratch- name: cloud-credentialssecret:secretName: cloud-credentialsupdateStrategy: {}
kind: Listapply以上的部署清单文件,很快的就可以安装完毕了,查看如下pod,正常运行表示安装完毕:
[root@node4 ~]# k get po -n velero
NAME READY STATUS RESTARTS AGE
restic-2wkqs 1/1 Running 0 5h54m
restic-kw2wl 1/1 Running 0 5h54m
restic-qv6rn 1/1 Running 0 5h54m
restic-ssfrg 1/1 Running 0 5h54m
velero-fbb9469f6-vf4z5 1/1 Running 0 5h54m
四,
kubernetes集群全量资源备份
[root@node4 ~]# v backup create test
Backup request "test" submitted successfully.
Run `velero backup describe test` or `velero backup logs test` for more details.
查看是否备份成功(只有complete是成功的,其它的备份是不可用的):
NAME STATUS ERRORS WARNINGS CREATED EXPIRES STORAGE LOCATION SELECTOR
test Completed 0 0 2023-12-30 20:31:18 +0800 CST 29d default <none>
查看备份详情:
详情里说了所有资源都备份,总共备份了487个单位
[root@node4 ~]# v backup describe test
Name: test
Namespace: velero
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.23.16velero.io/source-cluster-k8s-major-version=1velero.io/source-cluster-k8s-minor-version=23Phase: CompletedErrors: 0
Warnings: 0Namespaces:Included: *Excluded: <none>Resources:Included: *Excluded: <none>Cluster-scoped: autoLabel selector: <none>Storage Location: defaultVelero-Native Snapshot PVs: autoTTL: 720h0m0sHooks: <none>Backup Format Version: 1.1.0Started: 2023-12-30 20:31:18 +0800 CST
Completed: 2023-12-30 20:31:28 +0800 CSTExpiration: 2024-01-29 20:31:18 +0800 CSTTotal items to be backed up: 487
Items backed up: 487Velero-Native Snapshots: <none included>
从minio下载下来的备份文件,里面都是JSON格式的
恢复:
计划恢复的目标是下面的这些
[root@node4 nginx-app]# k get po -n nginx-example
NAME READY STATUS RESTARTS AGE
nginx-deployment-5c844b66c8-7rrz8 1/1 Running 0 81s
nginx-deployment-5c844b66c8-szbg4 1/1 Running 0 81s
现在先删除nginx-example这个命名空间:
[root@node4 nginx-app]# k delete ns nginx-example
namespace "nginx-example" deleted
开始恢复:
[root@node4 nginx-app]# v restore create --from-backup=test
Restore request "test-20231230204606" submitted successfully.
Run `velero restore describe test-20231230204606` or `velero restore logs test-20231230204606` for more details.
查看恢复状态:
可以看到,在执行恢复,稍等片刻
[root@node4 nginx-app]# v restore get
NAME BACKUP STATUS STARTED COMPLETED ERRORS WARNINGS CREATED SELECTOR
test-20231230204606 test InProgress 2023-12-30 20:46:06 +0800 CST <nil> 0 0 2023-12-30 20:46:06 +0800 CST <none>
[root@node4 nginx-app]# v restore get
NAME BACKUP STATUS STARTED COMPLETED ERRORS WARNINGS CREATED SELECTOR
test-20231230204606 test Completed 2023-12-30 20:46:06 +0800 CST 2023-12-30 20:46:52 +0800 CST 0 65 2023-12-30 20:46:06 +0800 CST <none>
查看恢复日志,没有输出表示恢复正常:
[root@node4 nginx-app]# v restore logs test-20231230204606 |grep error说明:velero的恢复策略是目标资源存在将会跳过,恢复的时候不会检查image版本等等过于细节的地方,也就是说不会覆盖回退,只有删除回退。
查看日志我们应该可以得出这个比较明显的结论:
[root@node4 nginx-app]# v restore logs test-20231230205200 |grep skip
time="2023-12-30T12:52:07Z" level=info msg="Restore of StorageClass, local-storage skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of PersistentVolume, minio skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of PersistentVolumeClaim, data-minio-0 skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-24xhh skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-sj6wz skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-xzlz5 skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, attachdetach-controller-token-fbrwk skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
五,
velero的部分资源备份和恢复:
单独备份指定的namespace
[root@node4 nginx-app]# v backup create test1 --include-namespaces=nginx-example
Backup request "test1" submitted successfully.
Run `velero backup describe test1` or `velero backup logs test1` for more details.
查看备份详情:
[root@node4 nginx-app]# v backup describe test1
Name: test1
Namespace: velero
Labels: velero.io/storage-location=default
Annotations: velero.io/source-cluster-k8s-gitversion=v1.23.16velero.io/source-cluster-k8s-major-version=1velero.io/source-cluster-k8s-minor-version=23Phase: CompletedErrors: 0
Warnings: 0Namespaces:Included: nginx-exampleExcluded: <none>Resources:Included: *Excluded: <none>Cluster-scoped: autoLabel selector: <none>Storage Location: defaultVelero-Native Snapshot PVs: autoTTL: 720h0m0sHooks: <none>Backup Format Version: 1.1.0Started: 2023-12-30 21:25:02 +0800 CST
Completed: 2023-12-30 21:25:04 +0800 CSTExpiration: 2024-01-29 21:25:02 +0800 CSTTotal items to be backed up: 23
Items backed up: 23Velero-Native Snapshots: <none included>
使用此备份恢复,并查看恢复情况:
[root@node4 nginx-app]# k delete ns nginx-example
namespace "nginx-example" deleted
[root@node4 nginx-app]# v restore create --from-backup=test1
Restore request "test1-20231230212744" submitted successfully.
Run `velero restore describe test1-20231230212744` or `velero restore logs test1-20231230212744` for more details.
[root@node4 nginx-app]# k get po -n nginx-example
NAME READY STATUS RESTARTS AGE
nginx-deployment-5c844b66c8-7rrz8 1/1 Running 0 4s
nginx-deployment-5c844b66c8-szbg4 1/1 Running 0 4s
这个备份恢复迁移到其它namespace nginx1:
[root@node4 nginx-app]# v restore create --from-backup=test1 --namespace-mappings nginx-example:nginx1
Restore request "test1-20231230220044" submitted successfully.
Run `velero restore describe test1-20231230220044` or `velero restore logs test1-20231230220044` for more details.
[root@node4 nginx-app]# v restore get
NAME BACKUP STATUS STARTED COMPLETED ERRORS WARNINGS CREATED SELECTOR
test-20231230204606 test Completed 2023-12-30 20:46:06 +0800 CST 2023-12-30 20:46:52 +0800 CST 0 65 2023-12-30 20:46:06 +0800 CST <none>
test-20231230205200 test Completed 2023-12-30 20:52:00 +0800 CST 2023-12-30 20:52:52 +0800 CST 0 65 2023-12-30 20:52:00 +0800 CST <none>
test-20231230212059 test Completed 2023-12-30 21:20:59 +0800 CST 2023-12-30 21:21:46 +0800 CST 0 67 2023-12-30 21:20:59 +0800 CST <none>
test1-20231230212744 test1 Completed 2023-12-30 21:27:44 +0800 CST 2023-12-30 21:27:50 +0800 CST 0 1 2023-12-30 21:27:44 +0800 CST <none>
test1-20231230220044 test1 Completed 2023-12-30 22:00:44 +0800 CST 2023-12-30 22:00:50 +0800 CST 0 1 2023-12-30 22:00:44 +0800 CST <none>
[root@node4 nginx-app]# k get po -n nginx1
NAME READY STATUS RESTARTS AGE
nginx-deployment-5c844b66c8-7rrz8 1/1 Running 0 22s
nginx-deployment-5c844b66c8-szbg4 1/1 Running 0 22s
当然了,全备的test里也可以抽namespace出来恢复:
[root@node4 nginx-app]# v restore create --from-backup=test --namespace-mappings nginx-example:nginx3
Restore request "test-20231230220230" submitted successfully.
Run `velero restore describe test-20231230220230` or `velero restore logs test-20231230220230` for more details.
[root@node4 nginx-app]# v restore create --from-backup=test --namespace-mappings kube-system:nginx3
Restore request "test-20231230220613" submitted successfully.
Run `velero restore describe test-20231230220613` or `velero restore logs test-20231230220613` for more details.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-84897d7cdf-crnmk 0/1 ContainerCreating 0 1s
calico-node-2m7hp 0/1 Init:0/2 0 1s
calico-node-5ztjk 0/1 Init:0/2 0 1s
calico-node-96dmb 0/1 Init:0/2 0 1s
calico-node-rqp2p 0/1 Init:0/2 0 0s
coredns-b7c47bcdc-6vdk2 0/1 ContainerCreating 0 0s
coredns-b7c47bcdc-db9cp 0/1 ContainerCreating 0 0s
kube-proxy-649mn 0/1 Pending 0 0s
kube-proxy-7q7ts 0/1 ContainerCreating 0 0s
kube-proxy-dmd7v 0/1 Pending 0 0s
单独的pod备份就不需要使用velero了,直接kubectl get deploy -n namespace -oyaml 就可以了
注意:
velero restore恢复不会覆盖已有的资源,只恢复当前集群中不存在的资源。已有的资源不会回滚到之前的版本,如需要回滚,需在restore之前提前删除现有的资源。
–include-resources
备份集群中的所有 deployments:velero backup create <backup-name> --include-resources deployments
恢复集群中的所有 deployments 和 configmaps。velero restore create <backup-name> --include-resources deployments,configmaps
在 namespace 中备份 deployments。velero backup create <backup-name> --include-resources deployments --include-namespaces <namespace>
–selector
包括与 label selector 匹配的资源。velero backup create <backup-name> --selector <key>=<value>
Excludes
从备份中排除特定资源。通配符排除将被忽略。
–exclude-namespaces
Exclude kube-system from the cluster backup.velero backup create <backup-name> --exclude-namespaces kube-system
还原期间排除两个 namespace。velero restore create <backup-name> --exclude-namespaces <namespace1>,<namespace2>
–exclude-resources
从备份中排除 secrets:velero backup create <backup-name> --exclude-resources secrets
排除 secrets 和 rolebindings:velero backup create <backup-name> --exclude-resources secrets,rolebindings
自动计划备份:
这里说明一下,ttl过期时间可以免去一些备份文件的管理工作,当然普通的备份也可以指定这个过期时间
# 每日1点进行备份
velero create schedule <SCHEDULE NAME> --schedule="0 1 * * *"
# 每日1点进行备份,备份保留72小时
velero create schedule <SCHEDULE NAME> --schedule="0 1 * * *" --ttl 72h
# 每5小时进行一次备份
velero create schedule <SCHEDULE NAME> --schedule="@every 5h"
# 每日对 指定 namespace 进行一次备份 (如dev)
velero create schedule <SCHEDULE NAME> --schedule="@every 24h" --include-namespaces dev[root@node4 nginx-app]# v create schedule test --schedule="0 0 * * *" --ttl=72h
Schedule "test" created successfully.
[root@node4 nginx-app]# v schedule get
NAME STATUS CREATED SCHEDULE BACKUP TTL LAST BACKUP SELECTOR
test Enabled 2023-12-30 22:29:11 +0800 CST 0 0 * * * 72h0m0s n/a <none>
相关文章:
云原生|kubernetes|kubernetes资源备份和集群迁移神器velero的部署和使用
前言: kubernetes集群需要灾备吗?kubernetes需要迁移吗? 答案肯定是需要的 那么,如何做kubernetes灾备和迁移呢?当然了,有很多的方法,例如,自己编写shell脚本,或者使用…...
【26.4K⭐】ShareX:一款开源免费、功能强大且丰富的截屏录屏软件
【26.4K⭐】ShareX:一款开源免费、功能强大且丰富的截屏录屏软件 在日常工作、学习和娱乐过程中,我们经常需要截取屏幕或者录制屏幕上特定区域中的内容并进行标记、编辑等操作。无论是为了记录重要的信息、分享有趣的内容,还是为了制作教程和…...
什么是ajax,为什么使用ajax?
概念:ajax是一种现有的技术集合,技术内容包括:HTML或XHTML,CSS,JavaScript,DOM,XML,XSLT,以及最重要的XMLHttpRequest。用于浏览器与服务器之间使用异步传输,做到局部请求以实现局部刷新。 作用…...
AI面板识别 - 华为OD统一考试
OD统一考试 (B卷) 分值: 100分 题解: Java / Python / C++ 题目描述 AI识别到面板上有N(1 ≤ N ≤ 100)个指示灯,灯大小一样,任意两个之间无重叠。 由于AI识别误差,每次别到的指示灯位置可能有差异,以4个坐标值描述AI识别的指示灯的大小和位置(左上角x1,y1,右下角x2…...
Linux之磁盘分区,挂载
Linux分区 分区介绍 对linux来说无论有几个分区,分给哪个目录使用,归根结底只有一个根目录,linux中每个分区都是用来组成整个文件系统的一部分。linux采用“载入"的处理方法,他的整个文件系统中包含一整套的文件和目录&…...
2核2G3M服务器上传速度多少?以阿里云和腾讯云为例
2核2G3M服务器上传速度多少?上传是按10M带宽算,上传速度是1280KB/秒,即1.25M/秒;下载速度按3M带宽计算,下载速度是384KB/秒。本文是以阿里云为例的,阿里云服务器当公网带宽小于10M及10M以下时,上…...
Cisco模拟器-OSPF路由协议
设计要求用两台双口路由器连接不同IP网段的计算机,并使用OSFP协议发现路由表使不同IP网段的计算机可以相互通信。 通过设计,可以连通IP地址网段不同的局域网,可应用在园区网的互连和互通的实现上。 主要配置步骤 路由器0: Router…...
SpEL 的使用
SpEL 的使用 SpEL的全称为 Spring Expression Language,具有再运行时构建复杂表达式、存取对象图属性、对象方法调用等功能 下面是一个简单样例 public class SpelTest { Test public void test1() { ExpressionParser parser new SpelExpressionParser(); …...
数据采集实战:电商详情页数据埋点
本文我们以电商产品的商品详情页为例,介绍如何做用户浏览以及点击行为的数据埋点。 案例中包含一个页面(商品详情页)以及该页面上的关键按钮(加购、收藏按钮),具体页面如下图所示。 (1…...
计算机网络——计算大题(七)
前言: 最近也是在准备计算机考试,我们的考试形式是上机考试,所以可能有些计算题是会给提供思路的,前面已经对本学期的计算机网络知识有了一个简单的认识与了解,现在我们就来对计算大题进行一个学习吧,这里的…...
子网掩码与IP段计算
一.什么叫子网掩码: 子网掩码(subnet mask)又叫网络掩码、地址掩码、子网络遮罩,它用来指明一个IP地址的哪些位标识的是主机所在的子网,以及哪些位标识的是主机的位掩码。子网掩码不能单独存在,它必须结合IP地址一起使用。 子网掩…...
【译文】IEEE白皮书 6G 太赫兹技术的基本原理 2023版
第一章 简介 太赫兹波是介于微波和光波之间的光谱区域,频率从 0.1THz ~ 10THz 之间,波长在 3mm ~ 30μm 之间。提供大块连续的频带范围以满足对 Tbit/s 内极高数据传输速率的需求,使该区域成为下一代无线通信(6G)的重…...
AUTOSAR从入门到精通-网络通信(UDPNm)(三)
目录 前言 原理 网络状态 初始化 执行 处理器架构 时间参数...
ubuntu 使用openssl制作一个自签名证书
我们需要为浏览器创建自己的根CA证书来信任自签名证书。因此,让我们首先创建根CA证书 创建根CA证书 创建文件夹 mkdir openssl && cd openssl执行以下openssl命令,生成 rootCA.key 以及 rootCA.crt. 用你的域名或者ip地址替换demo.mlopshub.c…...
WPF+Halcon 培训项目实战(1-5):Halcon安装,图像处理,Halcon简单模板匹配
文章目录 前言相关链接项目专栏我个人对就业市场的评价Halcon安装实战1-4:Halcon基础实战5:模板匹配[形状匹配]实战代码 结尾 前言 为了更好地去学习WPFHalcon,我决定去报个班学一下。原因无非是想换个工作。相关的教学视频来源于下方的Up主…...
虚函数的讲解
文章目录 虚函数的声明与定义代码演示基类Person派生类Man派生类Woman 测试代码动态绑定静态绑定访问私有虚函数总结一下通过成员函数指针调用函数的方式 虚函数的声明与定义 虚函数存在于C的类、结构体等中,不能存在于全局函数中,只能作为成员函数存在…...
Java强软弱虚引用
面试: 1.强引用,软引用,弱引用,虚引用分别是什么? 2.软引用和弱引用适用的场景? 3.你知道弱引用的话,能谈谈WeakHashMap吗? 目录 一、Java引用 1、强引用(默认支持模式…...
QCharView使用
QCharView概念:title、系列、图标Chart、视图 说明: 需要添加Qt组件charts 在使用QChart或者QChartView之前需要添加宏定义QT_CHARTS_USE_NAMESPACE (其实是使用了命名空间),不然不能识别QChart或者QChartView 3.在添加宏定义QT_CHARTS_USE_N…...
华为hcia之ipv6实验手册
R3: dhcp enable ipv6 dhcpv6 pool test address prefix 2000:23::/64 excluded-address 2000:23::2 dns-server 2000:23::2 interface GigabitEthernet0/0/0 ipv6 enable ipv6 address 2000:12::2/64 ipv6 address auto link-local undo ipv6 nd ra halt //无状态配置 inter…...
算法设计与分析-图算法小结BFS/DFS/Topologic/Dijkstra/Floyd/最大流
图 注:CSDN貌似不支持较长公式,可以复制到Markdown编辑器查看 图的表示 邻接矩阵 空间复杂度 Θ ( V 2 ) Θ(V^2) Θ(V2)邻接链表 空间复杂度 Θ ( V E ) Θ(VE) Θ(VE) BFS 邻接链表 时间复杂度 Θ ( V E ) Θ(VE) Θ(VE) void BFS(Graph G, int v) {//…...
CentOS 8 安装指定版本ansible
背景:想要练习ansible使用,用于面试,结果使用centos 8 的yum安装失败,提示版本不兼容(指的是python版本),故而使用python来安装指定版本的ansible,特此记录 环境:win11虚…...
策略模式(及案例)
策略模式 1.策略接口 定义一组算法或操作的通用接口,通常是一个抽象类或接口。该接口声明了策略类所必须实现的方法。 示例: class Strategy {doOperation() {} }2.具体策略 实现策略接口,提供具体的算法实现。每个具体策略类负责处理一…...
苹果CMS超级播放器专业版无授权全开源,附带安装教程
源码介绍 超级播放器专业版v1.0.8,内置六大主流播放器,支持各种格式的视频播放,支持主要功能在每一个播放器内核中都相同效果。 搭建教程 1.不兼容IE浏览器 2.php版本推荐7.4 支持7.1~7.4 3.框架引入不支持同时引入多个播放器 json对接教…...
项目记录:利用Redis实现缓存以提升查询效率
一、概述 当我们查询所有数据时,如果缓存中没有,则去数据库查询,如果有,直接查缓存的数据就行。注意定期更新缓存数据。 二、主体代码 private static final String ROOM_SCHEDULES_HASH "RoomSchedules";Overridepu…...
腾讯云16核32G28M轻量服务器CPU流量性能测评
腾讯云轻量16核32G28M服务器28M公网带宽下载速度峰值可达3584KB/s,折合3.5M/秒,系统盘为380GB SSD盘,6000GB月流量,折合每天200GB流量。腾讯云百科txybk.com来详细说下腾讯云轻量应用服务器16核32G28M配置性能、CPU主频型号、公网…...
【并发设计模式】聊聊等待唤醒机制的规范实现
在多线程编程中,其实就是分工、协作、互斥。在很多场景中,比如A执行的过程中需要同步等待另外一个线程处理的结果,这种方式下,就是一种等待唤醒的机制。本篇我们来讲述等待唤醒机制的三种实现,以及对应的应用场景。 G…...
CentOS:docker同一容器间通信
docker同一容器中不同服务以别名访问 1、创建bridge网络 docker network create testnet 2、查看Docker网络 docker network ls 3、运行容器连接到testnet网络 使用方法:docker run -it --name <容器名> —network --network-alias <网络别名> <…...
数据治理:释放数据价值的关键
随着数字化时代的到来,数据已成为组织和企业最重要的资产之一。然而,数据的快速增长和复杂性也给数据管理带来了巨大的挑战。为了确保数据的质量、安全性和合规性,数据治理已成为组织和企业必须面对的重要问题。数据治理是数据要素市场建设的…...
新手快速上手掌握基础排序<一>
听说看到日落金山的人,接下来的日子会顺顺利利,万事胜意,生活明朗-----------林辞忧 引言 从基础的两数交换排序,三四个数排序输出,到学习入门级的排序方法,如冒泡法,选择法,再学…...
2023年03月21日_chatgpt宕机事件的简单回顾
你能想象吗 ChatGPT挂了 昨天半夜呢 来自全球各地的用户纷纷发现 ChatGPT的网站弹出了报错警告的信息 然后立即就无法使用了 即使是有特权的plus账户也未能幸免 一时之间呢 chatgptdown的话题在Twitter刷屏 不少重度的用户表示很着急 有的用户说呢没了ChatGPT 这工作…...
RK3568测试tdd
RK3568测试tdd 一、门禁取包二、烧录三、跑tdd用例四、查看结果参考资料 一、门禁取包 右键复制链接,粘贴下载;解压到文件夹; 二、烧录 双击\windows\RKDevTool.exe打开烧写工具,工具界面击烧写步骤如图所示: 推荐…...
机器学习系列13:通过随机森林获取特征重要性
我们已经知道通过 L1 正则化和 SBS 算法可以用来做特征选择。 我们还可以通过随机森林从数据集中选择相关的特征。随机森林里面包含了多棵决策树,我们可以通过计算特征在每棵决策树决策过程中所产生的的信息增益平均值来衡量该特征的重要性。 你可能需要参考&…...
flink中值得监控的几个指标
背景 为了维持flink的正常运行,对flink的日常监控就变得很重要,本文我们就来看一下flink中要监控的几个重要的指标 重要的监控指标 1.算子的处理速度的指标:numRecordsInPerSecond/numRecordsOutPerSecond,这有助于你了解到算子的是否正在…...
最优化方法Python计算:无约束优化应用——逻辑分类模型
逻辑回归模型更多地用于如下例所示判断或分类场景。 例1 某银行的贷款用户数据如下表: 欠款(元)收入(元)是否逾期17000800Yes220002500No350003000Yes440004000No520003800No 显然,客户是否逾期ÿ…...
springboot定时执行某个任务
springboot定时执行某个任务 要定时执行的方法加上Schedule注解 括号内跟 cron表达式 “ 30 15 10 * * ?” 代表秒 分 时 日 月 周几 启动类上加上EnableScheduling 注释...
Java EE Servlet之Servlet API详解
文章目录 1. HttpServlet1.1 核心方法 2. HttpServletRequest3. HttpServletResponse 接下来我们来学习 Servlet API 里面的详细情况 1. HttpServlet 写一个 Servlet 代码,都是要继承这个类,重写里面的方法 Servlet 这里的代码,只需要继承…...
neo4j运维管理
管理数据库 概念 Neo4j 5(从v4.0),可以同时创建和使用多个活动数据库。 DBMS Neo4j是一个数据库管理系统(DBMS),能够管理多个数据库。DBMS可以管理一个独立的服务器,也可以管理集群中的一组服务器。 实例 Neo4j实例是运行Neo4j服务器代…...
【MYSQL】-函数
💖作者:小树苗渴望变成参天大树🎈 🎉作者宣言:认真写好每一篇博客💤 🎊作者gitee:gitee✨ 💞作者专栏:C语言,数据结构初阶,Linux,C 动态规划算法🎄 如 果 你 …...
传统船检已经过时?AR智慧船检来助力!!
想象一下,在茫茫大海中,一艘巨型货轮正缓缓驶过。船上的工程师戴着一副先进的AR眼镜,他们不再需要反复翻阅厚重的手册,一切所需信息都实时显示在眼前。这不是科幻电影的场景,而是智慧船检技术带来的现实变革。那么问题…...
JAVA进化史: JDK11特性及说明
JDK 11(Java Development Kit 11)是Java平台的一个版本,于2018年9月发布。这个版本引入了一些新特性和改进,以下是其中一些主要特性。 HTTP Client(标准化) JDK 11引入了一个新的HTTP客户端,用…...
模型 安索夫矩阵
本系列文章 主要是 分享模型,涉及各个领域,重在提升认知。产品市场战略。 1 安索夫矩阵的应用 1.1 江小白的多样化经营策略 使用安索夫矩阵来分析江小白市场战略。具体如下: 根据安索夫矩阵,江小白的现有产品是其白酒产品&…...
性能手机新标杆,一加 Ace 3 发布会定档 1 月 4 日
12 月 27 日,一加宣布将于 1 月 4 日发布新品一加 Ace 3。一加 Ace 系列秉持「产品力优先」理念,从一加 Ace 2、一加 Ace 2V 到一加 Ace 2 Pro,款款都是现象级爆品,得到了广大用户的认可与支持。作为一加 2024 开年之作࿰…...
Vue 框架前导:详解 Ajax
Ajax Ajax 是异步的 JavaScript 和 XML。简单来说就是使用 XMLHttpRequest 对象和服务器通信。可以使用 JSON、XML、HTML 和 text 文本格式来发送和接收数据。具有异步的特性,可在不刷新页面的情况下实现和服务器的通信,交换数据或者更新页面 01. 体验 A…...
3分钟快速安装 ClickHouse、配置服务、设置密码和远程登录以及修改数据目录
下面是一个完整的 ClickHouse 安装和配置流程,包括安装 ClickHouse、配置服务、设置密码和远程登录以及修改数据目录。 安装 ClickHouse 安装 YUM 工具包: sudo yum install -y yum-utils添加 ClickHouse YUM 仓库: sudo yum-config-manager…...
PHP8使用PDO对象增删改查MySql数据库
PDO简介 PDO(PHP Data Objects)是一个PHP扩展,它提供了一个数据库访问层,允许开发人员使用统一的接口访问各种数据库。PDO 提供了一种用于执行查询和获取结果的简单而一致的API。 以下是PDO的一些主要特点: 统一接口…...
证明:切线垂直于半径
证明: 切线垂直于过切点的半径。 下面是网上最简单的证明方法。 证明: 利用反证法。 如下图所示,直线AB和圆O切于点A,假设OA 不垂直于 AB,而 O B ⊥ A B OB \perp AB OB⊥AB,则 ∠ O B A 90 \angle OB…...
普中STM32-PZ6806L开发板(STM32CubeMX创建项目并点亮LED灯)
简介 搭建一个用于驱动 STM32F103ZET6 GPIO点亮LED灯的任务;电路原理图 LED电路原理图 芯片引脚连接LED驱动引脚原理图 创建一个点亮LED灯的Keil 5项目 创建STM32CubeMX项目 New Project -> 单击 -> 芯片搜索STM32F103ZET6->双击创建 初始化时钟 调试设置 一…...
【Windows】共享文件夹拍照还原防火墙设置(入站,出站设置)---图文并茂详细讲解
目录 一 共享文件夹(两种形式) 1.1 普通共享与高级共享区别 1.2 使用 二 拍照还原 2.1 是什么 2.2 使用 三 防火墙设置(入栈,出站设置) 3.1 引入 3.2 入站出站设置 3.2.1入站出站含义 3.3入站设置 3.4安装jdk 3.5使用tomcat进行访…...
1.决策树
目录 1. 什么是决策树? 2. 决策树的原理 2.1 如何构建决策树? 2.2 构建决策树的数据算法 2.2.1 信息熵 2.2.2 ID3算法 2.2.2.1 信息的定义 2.2.2.2 信息增益 2.2.2.3 ID3算法举例 2.2.2.4 ID3算法优缺点 2.2.3 C4.5算法 2.2.3.1 C4.5算法举例 2.2.4 CART算法 2.2.4…...
基于微信小程序的停车预约系统设计与实现
基于微信小程序的停车预约系统设计与实现 项目概述 本项目旨在结合微信小程序、后台Spring Boot和MySQL数据库,打造一套高效便捷的停车预约系统。用户通过微信小程序进行注册、登录、预约停车位等操作,而管理员和超级管理员则可通过后台管理系统对停车…...