monorepo/dezendorf/homelab/talos/cluster.yaml

---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Service account for Ceph OSDs
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-osd
  namespace: aleph-ns # namespace:cluster
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Service account for Ceph mgrs
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-mgr
  namespace: aleph-ns # namespace:cluster
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Service account for the job that reports the Ceph version in an image
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-cmd-reporter
  namespace: aleph-ns # namespace:cluster
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Service account for job that purges OSDs from a Rook-Ceph cluster
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-purge-osd
  namespace: aleph-ns # namespace:cluster

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Service account for RGW server
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-rgw
  namespace: aleph-ns # namespace:cluster
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for the Rook-Ceph operator
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-ceph-system
  namespace: aleph-ns # namespace:operator
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for the CephFS CSI driver
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-csi-cephfs-plugin-sa
  namespace: aleph-ns # namespace:operator

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for the CephFS CSI provisioner
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-csi-cephfs-provisioner-sa
  namespace: aleph-ns # namespace:operator

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for the RBD CSI driver
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-csi-rbd-plugin-sa
  namespace: aleph-ns # namespace:operator

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for the RBD CSI provisioner
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-csi-rbd-provisioner-sa
  namespace: aleph-ns # namespace:operator

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/serviceaccount.yaml
# Service account for Ceph COSI driver
apiVersion: v1
kind: ServiceAccount
metadata:
  name: objectstorage-provisioner
  namespace: aleph-ns # namespace:operator
  labels:
    app.kubernetes.io/part-of: container-object-storage-interface
    app.kubernetes.io/component: driver-ceph
    app.kubernetes.io/name: cosi-driver-ceph

  
# imagePullSecrets:
#   - name: my-registry-secret
---
# Source: rook-ceph/templates/configmap.yaml
# Operator settings that can be updated without an operator restart
# Operator settings that require an operator restart are found in the operator env vars
kind: ConfigMap
apiVersion: v1
metadata:
  name: rook-ceph-operator-config
data:
  ROOK_LOG_LEVEL: "INFO"
  ROOK_CEPH_COMMANDS_TIMEOUT_SECONDS: "15"
  ROOK_OBC_WATCH_OPERATOR_NAMESPACE: "true"
  ROOK_CEPH_ALLOW_LOOP_DEVICES: "false"
  ROOK_DISABLE_ADMISSION_CONTROLLER: "true"
  ROOK_CSI_ENABLE_RBD: "true"
  ROOK_CSI_ENABLE_CEPHFS: "true"
  CSI_ENABLE_CEPHFS_SNAPSHOTTER: "true"
  CSI_ENABLE_NFS_SNAPSHOTTER: "true"
  CSI_ENABLE_RBD_SNAPSHOTTER: "true"
  CSI_PLUGIN_ENABLE_SELINUX_HOST_MOUNT: "false"
  CSI_ENABLE_ENCRYPTION: "false"
  CSI_ENABLE_OMAP_GENERATOR: "false"
  CSI_ENABLE_HOST_NETWORK: "true"
  CSI_ENABLE_METADATA: "false"
  CSI_PLUGIN_PRIORITY_CLASSNAME: "system-node-critical"
  CSI_PROVISIONER_PRIORITY_CLASSNAME: "system-cluster-critical"
  CSI_RBD_FSGROUPPOLICY: "File"
  CSI_CEPHFS_FSGROUPPOLICY: "File"
  CSI_NFS_FSGROUPPOLICY: "File"
  ROOK_CSI_ENABLE_GRPC_METRICS: "false"
  ROOK_CSI_IMAGE_PULL_POLICY: "IfNotPresent"
  CSI_ENABLE_CSIADDONS: "false"
  ROOK_CSIADDONS_IMAGE: "quay.io/csiaddons/k8s-sidecar:v0.7.0"
  CSI_ENABLE_TOPOLOGY: "false"
  CSI_ENABLE_READ_AFFINITY : "false"
  ROOK_CSI_ENABLE_NFS: "false"
  CSI_FORCE_CEPHFS_KERNEL_CLIENT: "true"
  CSI_GRPC_TIMEOUT_SECONDS: "150"
  CSI_PROVISIONER_REPLICAS: "2"
  CSI_RBD_PROVISIONER_RESOURCE: "- name : csi-provisioner\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-resizer\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-attacher\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-snapshotter\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-rbdplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : csi-omap-generator\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : liveness-prometheus\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n"
  CSI_RBD_PLUGIN_RESOURCE: "- name : driver-registrar\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n- name : csi-rbdplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : liveness-prometheus\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n"
  CSI_CEPHFS_PROVISIONER_RESOURCE: "- name : csi-provisioner\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-resizer\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-attacher\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-snapshotter\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-cephfsplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : liveness-prometheus\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n"
  CSI_CEPHFS_PLUGIN_RESOURCE: "- name : driver-registrar\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n- name : csi-cephfsplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : liveness-prometheus\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n"
  CSI_NFS_PROVISIONER_RESOURCE: "- name : csi-provisioner\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 100m\n    limits:\n      memory: 256Mi\n      cpu: 200m\n- name : csi-nfsplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n- name : csi-attacher\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n"
  CSI_NFS_PLUGIN_RESOURCE: "- name : driver-registrar\n  resource:\n    requests:\n      memory: 128Mi\n      cpu: 50m\n    limits:\n      memory: 256Mi\n      cpu: 100m\n- name : csi-nfsplugin\n  resource:\n    requests:\n      memory: 512Mi\n      cpu: 250m\n    limits:\n      memory: 1Gi\n      cpu: 500m\n"
  CSI_CEPHFS_ATTACH_REQUIRED: "true"
  CSI_RBD_ATTACH_REQUIRED: "true"
  CSI_NFS_ATTACH_REQUIRED: "true"
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephblockpoolradosnamespaces.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephBlockPoolRadosNamespace
    listKind: CephBlockPoolRadosNamespaceList
    plural: cephblockpoolradosnamespaces
    singular: cephblockpoolradosnamespace
  scope: Namespaced
  versions:
    - name: v1
      schema:
        openAPIV3Schema:
          description: CephBlockPoolRadosNamespace represents a Ceph BlockPool Rados Namespace
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: Spec represents the specification of a Ceph BlockPool Rados Namespace
              properties:
                blockPoolName:
                  description: BlockPoolName is the name of Ceph BlockPool. Typically it's the name of the CephBlockPool CR.
                  type: string
              required:
                - blockPoolName
              type: object
            status:
              description: Status represents the status of a CephBlockPool Rados Namespace
              properties:
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                phase:
                  description: ConditionType represent a resource's status
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephblockpools.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephBlockPool
    listKind: CephBlockPoolList
    plural: cephblockpools
    singular: cephblockpool
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephBlockPool represents a Ceph Storage Pool
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: NamedBlockPoolSpec allows a block pool to be created with a non-default name. This is more specific than the NamedPoolSpec so we get schema validation on the allowed pool names that can be specified.
              properties:
                compressionMode:
                  description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                  enum:
                    - none
                    - passive
                    - aggressive
                    - force
                    - ""
                  nullable: true
                  type: string
                crushRoot:
                  description: The root of the crush hierarchy utilized by the pool
                  nullable: true
                  type: string
                deviceClass:
                  description: The device class the OSD should set to for use in the pool
                  nullable: true
                  type: string
                enableRBDStats:
                  description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                  type: boolean
                erasureCoded:
                  description: The erasure code settings
                  properties:
                    algorithm:
                      description: The algorithm for erasure coding
                      type: string
                    codingChunks:
                      description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                      minimum: 0
                      type: integer
                    dataChunks:
                      description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                      minimum: 0
                      type: integer
                  required:
                    - codingChunks
                    - dataChunks
                  type: object
                failureDomain:
                  description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                  type: string
                mirroring:
                  description: The mirroring settings
                  properties:
                    enabled:
                      description: Enabled whether this pool is mirrored or not
                      type: boolean
                    mode:
                      description: 'Mode is the mirroring mode: either pool or image'
                      type: string
                    peers:
                      description: Peers represents the peers spec
                      nullable: true
                      properties:
                        secretNames:
                          description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                          items:
                            type: string
                          type: array
                      type: object
                    snapshotSchedules:
                      description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                      items:
                        description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                        properties:
                          interval:
                            description: Interval represent the periodicity of the snapshot.
                            type: string
                          path:
                            description: Path is the path to snapshot, only valid for CephFS
                            type: string
                          startTime:
                            description: StartTime indicates when to start the snapshot
                            type: string
                        type: object
                      type: array
                  type: object
                name:
                  description: The desired name of the pool if different from the CephBlockPool CR name.
                  enum:
                    - device_health_metrics
                    - .nfs
                    - .mgr
                  type: string
                parameters:
                  additionalProperties:
                    type: string
                  description: Parameters is a list of properties to enable on a given pool
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                quotas:
                  description: The quota settings
                  nullable: true
                  properties:
                    maxBytes:
                      description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                      format: int64
                      type: integer
                    maxObjects:
                      description: MaxObjects represents the quota in objects
                      format: int64
                      type: integer
                    maxSize:
                      description: MaxSize represents the quota in bytes as a string
                      pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                      type: string
                  type: object
                replicated:
                  description: The replication settings
                  properties:
                    hybridStorage:
                      description: HybridStorage represents hybrid storage tier settings
                      nullable: true
                      properties:
                        primaryDeviceClass:
                          description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                          minLength: 1
                          type: string
                        secondaryDeviceClass:
                          description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                          minLength: 1
                          type: string
                      required:
                        - primaryDeviceClass
                        - secondaryDeviceClass
                      type: object
                    replicasPerFailureDomain:
                      description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                      minimum: 1
                      type: integer
                    requireSafeReplicaSize:
                      description: RequireSafeReplicaSize if false allows you to set replica 1
                      type: boolean
                    size:
                      description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                      minimum: 0
                      type: integer
                    subFailureDomain:
                      description: SubFailureDomain the name of the sub-failure domain
                      type: string
                    targetSizeRatio:
                      description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                      type: number
                  required:
                    - size
                  type: object
                statusCheck:
                  description: The mirroring statusCheck
                  properties:
                    mirror:
                      description: HealthCheckSpec represents the health check of an object store bucket
                      nullable: true
                      properties:
                        disabled:
                          type: boolean
                        interval:
                          description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                          type: string
                        timeout:
                          type: string
                      type: object
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
              type: object
            status:
              description: CephBlockPoolStatus represents the mirroring status of Ceph Storage Pool
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                mirroringInfo:
                  description: MirroringInfoSpec is the status of the pool mirroring
                  properties:
                    details:
                      type: string
                    lastChanged:
                      type: string
                    lastChecked:
                      type: string
                    mode:
                      description: Mode is the mirroring mode
                      type: string
                    peers:
                      description: Peers are the list of peer sites connected to that cluster
                      items:
                        description: PeersSpec contains peer details
                        properties:
                          client_name:
                            description: ClientName is the CephX user used to connect to the peer
                            type: string
                          direction:
                            description: Direction is the peer mirroring direction
                            type: string
                          mirror_uuid:
                            description: MirrorUUID is the mirror UUID
                            type: string
                          site_name:
                            description: SiteName is the current site name
                            type: string
                          uuid:
                            description: UUID is the peer UUID
                            type: string
                        type: object
                      type: array
                    site_name:
                      description: SiteName is the current site name
                      type: string
                  type: object
                mirroringStatus:
                  description: MirroringStatusSpec is the status of the pool mirroring
                  properties:
                    details:
                      description: Details contains potential status errors
                      type: string
                    lastChanged:
                      description: LastChanged is the last time time the status last changed
                      type: string
                    lastChecked:
                      description: LastChecked is the last time time the status was checked
                      type: string
                    summary:
                      description: Summary is the mirroring status summary
                      properties:
                        daemon_health:
                          description: DaemonHealth is the health of the mirroring daemon
                          type: string
                        health:
                          description: Health is the mirroring health
                          type: string
                        image_health:
                          description: ImageHealth is the health of the mirrored image
                          type: string
                        states:
                          description: States is the various state for all mirrored images
                          nullable: true
                          properties:
                            error:
                              description: Error is when the mirroring state is errored
                              type: integer
                            replaying:
                              description: Replaying is when the replay of the mirroring journal is on-going
                              type: integer
                            starting_replay:
                              description: StartingReplay is when the replay of the mirroring journal starts
                              type: integer
                            stopped:
                              description: Stopped is when the mirroring state is stopped
                              type: integer
                            stopping_replay:
                              description: StopReplaying is when the replay of the mirroring journal stops
                              type: integer
                            syncing:
                              description: Syncing is when the image is syncing
                              type: integer
                            unknown:
                              description: Unknown is when the mirroring state is unknown
                              type: integer
                          type: object
                      type: object
                  type: object
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
                snapshotScheduleStatus:
                  description: SnapshotScheduleStatusSpec is the status of the snapshot schedule
                  properties:
                    details:
                      description: Details contains potential status errors
                      type: string
                    lastChanged:
                      description: LastChanged is the last time time the status last changed
                      type: string
                    lastChecked:
                      description: LastChecked is the last time time the status was checked
                      type: string
                    snapshotSchedules:
                      description: SnapshotSchedules is the list of snapshots scheduled
                      items:
                        description: SnapshotSchedulesSpec is the list of snapshot scheduled for images in a pool
                        properties:
                          image:
                            description: Image is the mirrored image
                            type: string
                          items:
                            description: Items is the list schedules times for a given snapshot
                            items:
                              description: SnapshotSchedule is a schedule
                              properties:
                                interval:
                                  description: Interval is the interval in which snapshots will be taken
                                  type: string
                                start_time:
                                  description: StartTime is the snapshot starting time
                                  type: string
                              type: object
                            type: array
                          namespace:
                            description: Namespace is the RADOS namespace the image is part of
                            type: string
                          pool:
                            description: Pool is the pool name
                            type: string
                        type: object
                      nullable: true
                      type: array
                  type: object
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephbucketnotifications.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephBucketNotification
    listKind: CephBucketNotificationList
    plural: cephbucketnotifications
    singular: cephbucketnotification
  scope: Namespaced
  versions:
    - name: v1
      schema:
        openAPIV3Schema:
          description: CephBucketNotification represents a Bucket Notifications
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: BucketNotificationSpec represent the spec of a Bucket Notification
              properties:
                events:
                  description: List of events that should trigger the notification
                  items:
                    description: BucketNotificationSpec represent the event type of the bucket notification
                    enum:
                      - s3:ObjectCreated:*
                      - s3:ObjectCreated:Put
                      - s3:ObjectCreated:Post
                      - s3:ObjectCreated:Copy
                      - s3:ObjectCreated:CompleteMultipartUpload
                      - s3:ObjectRemoved:*
                      - s3:ObjectRemoved:Delete
                      - s3:ObjectRemoved:DeleteMarkerCreated
                    type: string
                  type: array
                filter:
                  description: Spec of notification filter
                  properties:
                    keyFilters:
                      description: Filters based on the object's key
                      items:
                        description: NotificationKeyFilterRule represent a single key rule in the Notification Filter spec
                        properties:
                          name:
                            description: Name of the filter - prefix/suffix/regex
                            enum:
                              - prefix
                              - suffix
                              - regex
                            type: string
                          value:
                            description: Value to filter on
                            type: string
                        required:
                          - name
                          - value
                        type: object
                      type: array
                    metadataFilters:
                      description: Filters based on the object's metadata
                      items:
                        description: NotificationFilterRule represent a single rule in the Notification Filter spec
                        properties:
                          name:
                            description: Name of the metadata or tag
                            minLength: 1
                            type: string
                          value:
                            description: Value to filter on
                            type: string
                        required:
                          - name
                          - value
                        type: object
                      type: array
                    tagFilters:
                      description: Filters based on the object's tags
                      items:
                        description: NotificationFilterRule represent a single rule in the Notification Filter spec
                        properties:
                          name:
                            description: Name of the metadata or tag
                            minLength: 1
                            type: string
                          value:
                            description: Value to filter on
                            type: string
                        required:
                          - name
                          - value
                        type: object
                      type: array
                  type: object
                topic:
                  description: The name of the topic associated with this notification
                  minLength: 1
                  type: string
              required:
                - topic
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephbuckettopics.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephBucketTopic
    listKind: CephBucketTopicList
    plural: cephbuckettopics
    singular: cephbuckettopic
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephBucketTopic represents a Ceph Object Topic for Bucket Notifications
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: BucketTopicSpec represent the spec of a Bucket Topic
              properties:
                endpoint:
                  description: Contains the endpoint spec of the topic
                  properties:
                    amqp:
                      description: Spec of AMQP endpoint
                      properties:
                        ackLevel:
                          default: broker
                          description: The ack level required for this topic (none/broker/routeable)
                          enum:
                            - none
                            - broker
                            - routeable
                          type: string
                        disableVerifySSL:
                          description: Indicate whether the server certificate is validated by the client or not
                          type: boolean
                        exchange:
                          description: Name of the exchange that is used to route messages based on topics
                          minLength: 1
                          type: string
                        uri:
                          description: The URI of the AMQP endpoint to push notification to
                          minLength: 1
                          type: string
                      required:
                        - exchange
                        - uri
                      type: object
                    http:
                      description: Spec of HTTP endpoint
                      properties:
                        disableVerifySSL:
                          description: Indicate whether the server certificate is validated by the client or not
                          type: boolean
                        sendCloudEvents:
                          description: 'Send the notifications with the CloudEvents header: https://github.com/cloudevents/spec/blob/main/cloudevents/adapters/aws-s3.md Supported for Ceph Quincy (v17) or newer.'
                          type: boolean
                        uri:
                          description: The URI of the HTTP endpoint to push notification to
                          minLength: 1
                          type: string
                      required:
                        - uri
                      type: object
                    kafka:
                      description: Spec of Kafka endpoint
                      properties:
                        ackLevel:
                          default: broker
                          description: The ack level required for this topic (none/broker)
                          enum:
                            - none
                            - broker
                          type: string
                        disableVerifySSL:
                          description: Indicate whether the server certificate is validated by the client or not
                          type: boolean
                        uri:
                          description: The URI of the Kafka endpoint to push notification to
                          minLength: 1
                          type: string
                        useSSL:
                          description: Indicate whether to use SSL when communicating with the broker
                          type: boolean
                      required:
                        - uri
                      type: object
                  type: object
                objectStoreName:
                  description: The name of the object store on which to define the topic
                  minLength: 1
                  type: string
                objectStoreNamespace:
                  description: The namespace of the object store on which to define the topic
                  minLength: 1
                  type: string
                opaqueData:
                  description: Data which is sent in each event
                  type: string
                persistent:
                  description: Indication whether notifications to this endpoint are persistent or not
                  type: boolean
              required:
                - endpoint
                - objectStoreName
                - objectStoreNamespace
              type: object
            status:
              description: BucketTopicStatus represents the Status of a CephBucketTopic
              properties:
                ARN:
                  description: The ARN of the topic generated by the RGW
                  nullable: true
                  type: string
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephclients.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephClient
    listKind: CephClientList
    plural: cephclients
    singular: cephclient
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephClient represents a Ceph Client
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: Spec represents the specification of a Ceph Client
              properties:
                caps:
                  additionalProperties:
                    type: string
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                name:
                  type: string
              required:
                - caps
              type: object
            status:
              description: Status represents the status of a Ceph Client
              properties:
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephclusters.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephCluster
    listKind: CephClusterList
    plural: cephclusters
    singular: cephcluster
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - description: Directory used on the K8s nodes
          jsonPath: .spec.dataDirHostPath
          name: DataDirHostPath
          type: string
        - description: Number of MONs
          jsonPath: .spec.mon.count
          name: MonCount
          type: string
        - jsonPath: .metadata.creationTimestamp
          name: Age
          type: date
        - jsonPath: .status.phase
          name: Phase
          type: string
        - description: Message
          jsonPath: .status.message
          name: Message
          type: string
        - description: Ceph Health
          jsonPath: .status.ceph.health
          name: Health
          type: string
        - jsonPath: .spec.external.enable
          name: External
          type: boolean
        - description: Ceph FSID
          jsonPath: .status.ceph.fsid
          name: FSID
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephCluster is a Ceph storage cluster
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ClusterSpec represents the specification of Ceph Cluster
              properties:
                annotations:
                  additionalProperties:
                    additionalProperties:
                      type: string
                    description: Annotations are annotations
                    type: object
                  description: The annotations-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                cephVersion:
                  description: The version information that instructs Rook to orchestrate a particular version of Ceph.
                  nullable: true
                  properties:
                    allowUnsupported:
                      description: Whether to allow unsupported versions (do not set to true in production)
                      type: boolean
                    image:
                      description: Image is the container image used to launch the ceph daemons, such as quay.io/ceph/ceph:<tag> The full list of images can be found at https://quay.io/repository/ceph/ceph?tab=tags
                      type: string
                    imagePullPolicy:
                      description: ImagePullPolicy describes a policy for if/when to pull a container image One of Always, Never, IfNotPresent.
                      enum:
                        - IfNotPresent
                        - Always
                        - Never
                        - ""
                      type: string
                  type: object
                cleanupPolicy:
                  description: Indicates user intent when deleting a cluster; blocks orchestration and should not be set if cluster deletion is not imminent.
                  nullable: true
                  properties:
                    allowUninstallWithVolumes:
                      description: AllowUninstallWithVolumes defines whether we can proceed with the uninstall if they are RBD images still present
                      type: boolean
                    confirmation:
                      description: Confirmation represents the cleanup confirmation
                      nullable: true
                      pattern: ^$|^yes-really-destroy-data$
                      type: string
                    sanitizeDisks:
                      description: SanitizeDisks represents way we sanitize disks
                      nullable: true
                      properties:
                        dataSource:
                          description: DataSource is the data source to use to sanitize the disk with
                          enum:
                            - zero
                            - random
                          type: string
                        iteration:
                          description: Iteration is the number of pass to apply the sanitizing
                          format: int32
                          type: integer
                        method:
                          description: Method is the method we use to sanitize disks
                          enum:
                            - complete
                            - quick
                          type: string
                      type: object
                  type: object
                continueUpgradeAfterChecksEvenIfNotHealthy:
                  description: ContinueUpgradeAfterChecksEvenIfNotHealthy defines if an upgrade should continue even if PGs are not clean
                  type: boolean
                crashCollector:
                  description: A spec for the crash controller
                  nullable: true
                  properties:
                    daysToRetain:
                      description: DaysToRetain represents the number of days to retain crash until they get pruned
                      type: integer
                    disable:
                      description: Disable determines whether we should enable the crash collector
                      type: boolean
                  type: object
                dashboard:
                  description: Dashboard settings
                  nullable: true
                  properties:
                    enabled:
                      description: Enabled determines whether to enable the dashboard
                      type: boolean
                    port:
                      description: Port is the dashboard webserver port
                      maximum: 65535
                      minimum: 0
                      type: integer
                    ssl:
                      description: SSL determines whether SSL should be used
                      type: boolean
                    urlPrefix:
                      description: URLPrefix is a prefix for all URLs to use the dashboard with a reverse proxy
                      type: string
                  type: object
                dataDirHostPath:
                  description: The path on the host where config and data can be persisted
                  pattern: ^/(\S+)
                  type: string
                disruptionManagement:
                  description: A spec for configuring disruption management.
                  nullable: true
                  properties:
                    machineDisruptionBudgetNamespace:
                      description: Deprecated. Namespace to look for MDBs by the machineDisruptionBudgetController
                      type: string
                    manageMachineDisruptionBudgets:
                      description: Deprecated. This enables management of machinedisruptionbudgets.
                      type: boolean
                    managePodBudgets:
                      description: This enables management of poddisruptionbudgets
                      type: boolean
                    osdMaintenanceTimeout:
                      description: OSDMaintenanceTimeout sets how many additional minutes the DOWN/OUT interval is for drained failure domains it only works if managePodBudgets is true. the default is 30 minutes
                      format: int64
                      type: integer
                    pgHealthCheckTimeout:
                      description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups to become healthy (active+clean) after a drain was completed and OSDs came back up. Rook will continue with the next drain if the timeout exceeds. It only works if managePodBudgets is true. No values or 0 means that the operator will wait until the placement groups are healthy before unblocking the next drain.
                      format: int64
                      type: integer
                  type: object
                external:
                  description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and discover daemons will not be created for external clusters.
                  nullable: true
                  properties:
                    enable:
                      description: Enable determines whether external mode is enabled or not
                      type: boolean
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                healthCheck:
                  description: Internal daemon healthchecks and liveness probe
                  nullable: true
                  properties:
                    daemonHealth:
                      description: DaemonHealth is the health check for a given daemon
                      nullable: true
                      properties:
                        mon:
                          description: Monitor represents the health check settings for the Ceph monitor
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                        osd:
                          description: ObjectStorageDaemon represents the health check settings for the Ceph OSDs
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                        status:
                          description: Status represents the health check settings for the Ceph health
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                    livenessProbe:
                      additionalProperties:
                        description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                        properties:
                          disabled:
                            description: Disabled determines whether probe is disable or not
                            type: boolean
                          probe:
                            description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                            properties:
                              exec:
                                description: Exec specifies the action to take.
                                properties:
                                  command:
                                    description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                    items:
                                      type: string
                                    type: array
                                type: object
                              failureThreshold:
                                description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                                format: int32
                                type: integer
                              grpc:
                                description: GRPC specifies an action involving a GRPC port.
                                properties:
                                  port:
                                    description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                    format: int32
                                    type: integer
                                  service:
                                    description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                    type: string
                                required:
                                  - port
                                type: object
                              httpGet:
                                description: HTTPGet specifies the http request to perform.
                                properties:
                                  host:
                                    description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                    type: string
                                  httpHeaders:
                                    description: Custom headers to set in the request. HTTP allows repeated headers.
                                    items:
                                      description: HTTPHeader describes a custom header to be used in HTTP probes
                                      properties:
                                        name:
                                          description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                          type: string
                                        value:
                                          description: The header field value
                                          type: string
                                      required:
                                        - name
                                        - value
                                      type: object
                                    type: array
                                  path:
                                    description: Path to access on the HTTP server.
                                    type: string
                                  port:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                    x-kubernetes-int-or-string: true
                                  scheme:
                                    description: Scheme to use for connecting to the host. Defaults to HTTP.
                                    type: string
                                required:
                                  - port
                                type: object
                              initialDelaySeconds:
                                description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                                format: int32
                                type: integer
                              periodSeconds:
                                description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                                format: int32
                                type: integer
                              successThreshold:
                                description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                                format: int32
                                type: integer
                              tcpSocket:
                                description: TCPSocket specifies an action involving a TCP port.
                                properties:
                                  host:
                                    description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                    type: string
                                  port:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                    x-kubernetes-int-or-string: true
                                required:
                                  - port
                                type: object
                              terminationGracePeriodSeconds:
                                description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                                format: int64
                                type: integer
                              timeoutSeconds:
                                description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                                format: int32
                                type: integer
                            type: object
                        type: object
                      description: LivenessProbe allows changing the livenessProbe configuration for a given daemon
                      type: object
                    startupProbe:
                      additionalProperties:
                        description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                        properties:
                          disabled:
                            description: Disabled determines whether probe is disable or not
                            type: boolean
                          probe:
                            description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                            properties:
                              exec:
                                description: Exec specifies the action to take.
                                properties:
                                  command:
                                    description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                    items:
                                      type: string
                                    type: array
                                type: object
                              failureThreshold:
                                description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                                format: int32
                                type: integer
                              grpc:
                                description: GRPC specifies an action involving a GRPC port.
                                properties:
                                  port:
                                    description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                    format: int32
                                    type: integer
                                  service:
                                    description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                    type: string
                                required:
                                  - port
                                type: object
                              httpGet:
                                description: HTTPGet specifies the http request to perform.
                                properties:
                                  host:
                                    description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                    type: string
                                  httpHeaders:
                                    description: Custom headers to set in the request. HTTP allows repeated headers.
                                    items:
                                      description: HTTPHeader describes a custom header to be used in HTTP probes
                                      properties:
                                        name:
                                          description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                          type: string
                                        value:
                                          description: The header field value
                                          type: string
                                      required:
                                        - name
                                        - value
                                      type: object
                                    type: array
                                  path:
                                    description: Path to access on the HTTP server.
                                    type: string
                                  port:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                    x-kubernetes-int-or-string: true
                                  scheme:
                                    description: Scheme to use for connecting to the host. Defaults to HTTP.
                                    type: string
                                required:
                                  - port
                                type: object
                              initialDelaySeconds:
                                description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                                format: int32
                                type: integer
                              periodSeconds:
                                description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                                format: int32
                                type: integer
                              successThreshold:
                                description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                                format: int32
                                type: integer
                              tcpSocket:
                                description: TCPSocket specifies an action involving a TCP port.
                                properties:
                                  host:
                                    description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                    type: string
                                  port:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                    x-kubernetes-int-or-string: true
                                required:
                                  - port
                                type: object
                              terminationGracePeriodSeconds:
                                description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                                format: int64
                                type: integer
                              timeoutSeconds:
                                description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                                format: int32
                                type: integer
                            type: object
                        type: object
                      description: StartupProbe allows changing the startupProbe configuration for a given daemon
                      type: object
                  type: object
                labels:
                  additionalProperties:
                    additionalProperties:
                      type: string
                    description: Labels are label for a given daemons
                    type: object
                  description: The labels-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                logCollector:
                  description: Logging represents loggings settings
                  nullable: true
                  properties:
                    enabled:
                      description: Enabled represents whether the log collector is enabled
                      type: boolean
                    maxLogSize:
                      anyOf:
                        - type: integer
                        - type: string
                      description: MaxLogSize is the maximum size of the log per ceph daemons. Must be at least 1M.
                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                      x-kubernetes-int-or-string: true
                    periodicity:
                      description: Periodicity is the periodicity of the log rotation.
                      pattern: ^$|^(hourly|daily|weekly|monthly|1h|24h|1d)$
                      type: string
                  type: object
                mgr:
                  description: A spec for mgr related options
                  nullable: true
                  properties:
                    allowMultiplePerNode:
                      description: AllowMultiplePerNode allows to run multiple managers on the same node (not recommended)
                      type: boolean
                    count:
                      description: Count is the number of manager to run
                      maximum: 2
                      minimum: 0
                      type: integer
                    modules:
                      description: Modules is the list of ceph manager modules to enable/disable
                      items:
                        description: Module represents mgr modules that the user wants to enable or disable
                        properties:
                          enabled:
                            description: Enabled determines whether a module should be enabled or not
                            type: boolean
                          name:
                            description: Name is the name of the ceph manager module
                            type: string
                        type: object
                      nullable: true
                      type: array
                  type: object
                mon:
                  description: A spec for mon related options
                  nullable: true
                  properties:
                    allowMultiplePerNode:
                      description: AllowMultiplePerNode determines if we can run multiple monitors on the same node (not recommended)
                      type: boolean
                    count:
                      description: Count is the number of Ceph monitors
                      maximum: 9
                      minimum: 0
                      type: integer
                    failureDomainLabel:
                      type: string
                    stretchCluster:
                      description: StretchCluster is the stretch cluster specification
                      properties:
                        failureDomainLabel:
                          description: 'FailureDomainLabel the failure domain name (e,g: zone)'
                          type: string
                        subFailureDomain:
                          description: SubFailureDomain is the failure domain within a zone
                          type: string
                        zones:
                          description: Zones is the list of zones
                          items:
                            description: MonZoneSpec represents the specification of a zone in a Ceph Cluster
                            properties:
                              arbiter:
                                description: Arbiter determines if the zone contains the arbiter used for stretch cluster mode
                                type: boolean
                              name:
                                description: Name is the name of the zone
                                type: string
                              volumeClaimTemplate:
                                description: VolumeClaimTemplate is the PVC template
                                properties:
                                  apiVersion:
                                    description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                    type: string
                                  kind:
                                    description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                    type: string
                                  metadata:
                                    description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                                    properties:
                                      annotations:
                                        additionalProperties:
                                          type: string
                                        type: object
                                      finalizers:
                                        items:
                                          type: string
                                        type: array
                                      labels:
                                        additionalProperties:
                                          type: string
                                        type: object
                                      name:
                                        type: string
                                      namespace:
                                        type: string
                                    type: object
                                  spec:
                                    description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                    properties:
                                      accessModes:
                                        description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                        items:
                                          type: string
                                        type: array
                                      dataSource:
                                        description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                                        properties:
                                          apiGroup:
                                            description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                            type: string
                                          kind:
                                            description: Kind is the type of resource being referenced
                                            type: string
                                          name:
                                            description: Name is the name of resource being referenced
                                            type: string
                                        required:
                                          - kind
                                          - name
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      dataSourceRef:
                                        description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                                        properties:
                                          apiGroup:
                                            description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                            type: string
                                          kind:
                                            description: Kind is the type of resource being referenced
                                            type: string
                                          name:
                                            description: Name is the name of resource being referenced
                                            type: string
                                          namespace:
                                            description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                            type: string
                                        required:
                                          - kind
                                          - name
                                        type: object
                                      resources:
                                        description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                                        properties:
                                          claims:
                                            description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                            items:
                                              description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                              properties:
                                                name:
                                                  description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                                  type: string
                                              required:
                                                - name
                                              type: object
                                            type: array
                                            x-kubernetes-list-map-keys:
                                              - name
                                            x-kubernetes-list-type: map
                                          limits:
                                            additionalProperties:
                                              anyOf:
                                                - type: integer
                                                - type: string
                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                              x-kubernetes-int-or-string: true
                                            description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                            type: object
                                          requests:
                                            additionalProperties:
                                              anyOf:
                                                - type: integer
                                                - type: string
                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                              x-kubernetes-int-or-string: true
                                            description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                            type: object
                                        type: object
                                      selector:
                                        description: selector is a label query over volumes to consider for binding.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      storageClassName:
                                        description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                                        type: string
                                      volumeMode:
                                        description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                                        type: string
                                      volumeName:
                                        description: volumeName is the binding reference to the PersistentVolume backing this claim.
                                        type: string
                                    type: object
                                  status:
                                    description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                    properties:
                                      accessModes:
                                        description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                        items:
                                          type: string
                                        type: array
                                      allocatedResourceStatuses:
                                        additionalProperties:
                                          description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                          type: string
                                        description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                        type: object
                                        x-kubernetes-map-type: granular
                                      allocatedResources:
                                        additionalProperties:
                                          anyOf:
                                            - type: integer
                                            - type: string
                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                          x-kubernetes-int-or-string: true
                                        description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                        type: object
                                      capacity:
                                        additionalProperties:
                                          anyOf:
                                            - type: integer
                                            - type: string
                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                          x-kubernetes-int-or-string: true
                                        description: capacity represents the actual resources of the underlying volume.
                                        type: object
                                      conditions:
                                        description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                                        items:
                                          description: PersistentVolumeClaimCondition contains details about state of pvc
                                          properties:
                                            lastProbeTime:
                                              description: lastProbeTime is the time we probed the condition.
                                              format: date-time
                                              type: string
                                            lastTransitionTime:
                                              description: lastTransitionTime is the time the condition transitioned from one status to another.
                                              format: date-time
                                              type: string
                                            message:
                                              description: message is the human-readable message indicating details about last transition.
                                              type: string
                                            reason:
                                              description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                              type: string
                                            status:
                                              type: string
                                            type:
                                              description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                              type: string
                                          required:
                                            - status
                                            - type
                                          type: object
                                        type: array
                                      phase:
                                        description: phase represents the current phase of PersistentVolumeClaim.
                                        type: string
                                    type: object
                                type: object
                                x-kubernetes-preserve-unknown-fields: true
                            type: object
                          nullable: true
                          type: array
                      type: object
                    volumeClaimTemplate:
                      description: VolumeClaimTemplate is the PVC definition
                      properties:
                        apiVersion:
                          description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                          type: string
                        kind:
                          description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                          type: string
                        metadata:
                          description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                          properties:
                            annotations:
                              additionalProperties:
                                type: string
                              type: object
                            finalizers:
                              items:
                                type: string
                              type: array
                            labels:
                              additionalProperties:
                                type: string
                              type: object
                            name:
                              type: string
                            namespace:
                              type: string
                          type: object
                        spec:
                          description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                          properties:
                            accessModes:
                              description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                              items:
                                type: string
                              type: array
                            dataSource:
                              description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                              properties:
                                apiGroup:
                                  description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                  type: string
                                kind:
                                  description: Kind is the type of resource being referenced
                                  type: string
                                name:
                                  description: Name is the name of resource being referenced
                                  type: string
                              required:
                                - kind
                                - name
                              type: object
                              x-kubernetes-map-type: atomic
                            dataSourceRef:
                              description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                              properties:
                                apiGroup:
                                  description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                  type: string
                                kind:
                                  description: Kind is the type of resource being referenced
                                  type: string
                                name:
                                  description: Name is the name of resource being referenced
                                  type: string
                                namespace:
                                  description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                  type: string
                              required:
                                - kind
                                - name
                              type: object
                            resources:
                              description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                              properties:
                                claims:
                                  description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                  items:
                                    description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                    properties:
                                      name:
                                        description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                        type: string
                                    required:
                                      - name
                                    type: object
                                  type: array
                                  x-kubernetes-list-map-keys:
                                    - name
                                  x-kubernetes-list-type: map
                                limits:
                                  additionalProperties:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                    x-kubernetes-int-or-string: true
                                  description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                  type: object
                                requests:
                                  additionalProperties:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                    x-kubernetes-int-or-string: true
                                  description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                  type: object
                              type: object
                            selector:
                              description: selector is a label query over volumes to consider for binding.
                              properties:
                                matchExpressions:
                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                  items:
                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                    properties:
                                      key:
                                        description: key is the label key that the selector applies to.
                                        type: string
                                      operator:
                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                        type: string
                                      values:
                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                        items:
                                          type: string
                                        type: array
                                    required:
                                      - key
                                      - operator
                                    type: object
                                  type: array
                                matchLabels:
                                  additionalProperties:
                                    type: string
                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                  type: object
                              type: object
                              x-kubernetes-map-type: atomic
                            storageClassName:
                              description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                              type: string
                            volumeMode:
                              description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                              type: string
                            volumeName:
                              description: volumeName is the binding reference to the PersistentVolume backing this claim.
                              type: string
                          type: object
                        status:
                          description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                          properties:
                            accessModes:
                              description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                              items:
                                type: string
                              type: array
                            allocatedResourceStatuses:
                              additionalProperties:
                                description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                type: string
                              description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                              type: object
                              x-kubernetes-map-type: granular
                            allocatedResources:
                              additionalProperties:
                                anyOf:
                                  - type: integer
                                  - type: string
                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                x-kubernetes-int-or-string: true
                              description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                              type: object
                            capacity:
                              additionalProperties:
                                anyOf:
                                  - type: integer
                                  - type: string
                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                x-kubernetes-int-or-string: true
                              description: capacity represents the actual resources of the underlying volume.
                              type: object
                            conditions:
                              description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                              items:
                                description: PersistentVolumeClaimCondition contains details about state of pvc
                                properties:
                                  lastProbeTime:
                                    description: lastProbeTime is the time we probed the condition.
                                    format: date-time
                                    type: string
                                  lastTransitionTime:
                                    description: lastTransitionTime is the time the condition transitioned from one status to another.
                                    format: date-time
                                    type: string
                                  message:
                                    description: message is the human-readable message indicating details about last transition.
                                    type: string
                                  reason:
                                    description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                    type: string
                                  status:
                                    type: string
                                  type:
                                    description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                    type: string
                                required:
                                  - status
                                  - type
                                type: object
                              type: array
                            phase:
                              description: phase represents the current phase of PersistentVolumeClaim.
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    zones:
                      description: Zones are specified when we want to provide zonal awareness to mons
                      items:
                        description: MonZoneSpec represents the specification of a zone in a Ceph Cluster
                        properties:
                          arbiter:
                            description: Arbiter determines if the zone contains the arbiter used for stretch cluster mode
                            type: boolean
                          name:
                            description: Name is the name of the zone
                            type: string
                          volumeClaimTemplate:
                            description: VolumeClaimTemplate is the PVC template
                            properties:
                              apiVersion:
                                description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                type: string
                              kind:
                                description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              metadata:
                                description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                                properties:
                                  annotations:
                                    additionalProperties:
                                      type: string
                                    type: object
                                  finalizers:
                                    items:
                                      type: string
                                    type: array
                                  labels:
                                    additionalProperties:
                                      type: string
                                    type: object
                                  name:
                                    type: string
                                  namespace:
                                    type: string
                                type: object
                              spec:
                                description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                properties:
                                  accessModes:
                                    description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                    items:
                                      type: string
                                    type: array
                                  dataSource:
                                    description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                                    properties:
                                      apiGroup:
                                        description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                        type: string
                                      kind:
                                        description: Kind is the type of resource being referenced
                                        type: string
                                      name:
                                        description: Name is the name of resource being referenced
                                        type: string
                                    required:
                                      - kind
                                      - name
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  dataSourceRef:
                                    description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                                    properties:
                                      apiGroup:
                                        description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                        type: string
                                      kind:
                                        description: Kind is the type of resource being referenced
                                        type: string
                                      name:
                                        description: Name is the name of resource being referenced
                                        type: string
                                      namespace:
                                        description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                        type: string
                                    required:
                                      - kind
                                      - name
                                    type: object
                                  resources:
                                    description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                                    properties:
                                      claims:
                                        description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                        items:
                                          description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                          properties:
                                            name:
                                              description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                              type: string
                                          required:
                                            - name
                                          type: object
                                        type: array
                                        x-kubernetes-list-map-keys:
                                          - name
                                        x-kubernetes-list-type: map
                                      limits:
                                        additionalProperties:
                                          anyOf:
                                            - type: integer
                                            - type: string
                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                          x-kubernetes-int-or-string: true
                                        description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                        type: object
                                      requests:
                                        additionalProperties:
                                          anyOf:
                                            - type: integer
                                            - type: string
                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                          x-kubernetes-int-or-string: true
                                        description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                        type: object
                                    type: object
                                  selector:
                                    description: selector is a label query over volumes to consider for binding.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  storageClassName:
                                    description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                                    type: string
                                  volumeMode:
                                    description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                                    type: string
                                  volumeName:
                                    description: volumeName is the binding reference to the PersistentVolume backing this claim.
                                    type: string
                                type: object
                              status:
                                description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                properties:
                                  accessModes:
                                    description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                    items:
                                      type: string
                                    type: array
                                  allocatedResourceStatuses:
                                    additionalProperties:
                                      description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                      type: string
                                    description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                    type: object
                                    x-kubernetes-map-type: granular
                                  allocatedResources:
                                    additionalProperties:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                    description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                    type: object
                                  capacity:
                                    additionalProperties:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                    description: capacity represents the actual resources of the underlying volume.
                                    type: object
                                  conditions:
                                    description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                                    items:
                                      description: PersistentVolumeClaimCondition contains details about state of pvc
                                      properties:
                                        lastProbeTime:
                                          description: lastProbeTime is the time we probed the condition.
                                          format: date-time
                                          type: string
                                        lastTransitionTime:
                                          description: lastTransitionTime is the time the condition transitioned from one status to another.
                                          format: date-time
                                          type: string
                                        message:
                                          description: message is the human-readable message indicating details about last transition.
                                          type: string
                                        reason:
                                          description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                          type: string
                                        status:
                                          type: string
                                        type:
                                          description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                          type: string
                                      required:
                                        - status
                                        - type
                                      type: object
                                    type: array
                                  phase:
                                    description: phase represents the current phase of PersistentVolumeClaim.
                                    type: string
                                type: object
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                        type: object
                      type: array
                  type: object
                monitoring:
                  description: Prometheus based Monitoring settings
                  nullable: true
                  properties:
                    enabled:
                      description: Enabled determines whether to create the prometheus rules for the ceph cluster. If true, the prometheus types must exist or the creation will fail. Default is false.
                      type: boolean
                    externalMgrEndpoints:
                      description: ExternalMgrEndpoints points to an existing Ceph prometheus exporter endpoint
                      items:
                        description: EndpointAddress is a tuple that describes single IP address.
                        properties:
                          hostname:
                            description: The Hostname of this endpoint
                            type: string
                          ip:
                            description: The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).
                            type: string
                          nodeName:
                            description: 'Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.'
                            type: string
                          targetRef:
                            description: Reference to object providing the endpoint.
                            properties:
                              apiVersion:
                                description: API version of the referent.
                                type: string
                              fieldPath:
                                description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
                                type: string
                              kind:
                                description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                type: string
                              name:
                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                                type: string
                              namespace:
                                description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                                type: string
                              resourceVersion:
                                description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                                type: string
                              uid:
                                description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                                type: string
                            type: object
                            x-kubernetes-map-type: atomic
                        required:
                          - ip
                        type: object
                        x-kubernetes-map-type: atomic
                      nullable: true
                      type: array
                    externalMgrPrometheusPort:
                      description: ExternalMgrPrometheusPort Prometheus exporter port
                      maximum: 65535
                      minimum: 0
                      type: integer
                    interval:
                      description: Interval determines prometheus scrape interval
                      type: string
                    metricsDisabled:
                      description: Whether to disable the metrics reported by Ceph. If false, the prometheus mgr module and Ceph exporter are enabled. If true, the prometheus mgr module and Ceph exporter are both disabled. Default is false.
                      type: boolean
                    port:
                      description: Port is the prometheus server port
                      maximum: 65535
                      minimum: 0
                      type: integer
                  type: object
                network:
                  description: Network related configuration
                  nullable: true
                  properties:
                    connections:
                      description: Settings for network connections such as compression and encryption across the wire.
                      nullable: true
                      properties:
                        compression:
                          description: Compression settings for the network connections.
                          nullable: true
                          properties:
                            enabled:
                              description: Whether to compress the data in transit across the wire. The default is not set. Requires Ceph Quincy (v17) or newer.
                              type: boolean
                          type: object
                        encryption:
                          description: Encryption settings for the network connections.
                          nullable: true
                          properties:
                            enabled:
                              description: Whether to encrypt the data in transit across the wire to prevent eavesdropping the data on the network. The default is not set. Even if encryption is not enabled, clients still establish a strong initial authentication for the connection and data integrity is still validated with a crc check. When encryption is enabled, all communication between clients and Ceph daemons, or between Ceph daemons will be encrypted.
                              type: boolean
                          type: object
                        requireMsgr2:
                          description: Whether to require msgr2 (port 3300) even if compression or encryption are not enabled. If true, the msgr1 port (6789) will be disabled. Requires a kernel that supports msgr2 (kernel 5.11 or CentOS 8.4 or newer).
                          type: boolean
                      type: object
                    dualStack:
                      description: DualStack determines whether Ceph daemons should listen on both IPv4 and IPv6
                      type: boolean
                    hostNetwork:
                      description: HostNetwork to enable host network
                      type: boolean
                    ipFamily:
                      description: IPFamily is the single stack IPv6 or IPv4 protocol
                      enum:
                        - IPv4
                        - IPv6
                      nullable: true
                      type: string
                    multiClusterService:
                      description: Enable multiClusterService to export the Services between peer clusters
                      properties:
                        clusterID:
                          description: 'ClusterID uniquely identifies a cluster. It is used as a prefix to nslookup exported services. For example: <clusterid>.<svc>.<ns>.svc.clusterset.local'
                          type: string
                        enabled:
                          description: Enable multiClusterService to export the mon and OSD services to peer cluster. Ensure that peer clusters are connected using an MCS API compatible application, like Globalnet Submariner.
                          type: boolean
                      type: object
                    provider:
                      description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus"
                      nullable: true
                      type: string
                    selectors:
                      additionalProperties:
                        type: string
                      description: Selectors string values describe what networks will be used to connect the cluster. Meanwhile the keys describe each network respective responsibilities or any metadata storage provider decide.
                      nullable: true
                      type: object
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                placement:
                  additionalProperties:
                    description: Placement is the placement for an object
                    properties:
                      nodeAffinity:
                        description: NodeAffinity is a group of node affinity scheduling rules
                        properties:
                          preferredDuringSchedulingIgnoredDuringExecution:
                            description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                            items:
                              description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                              properties:
                                preference:
                                  description: A node selector term, associated with the corresponding weight.
                                  properties:
                                    matchExpressions:
                                      description: A list of node selector requirements by node's labels.
                                      items:
                                        description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: The label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                            type: string
                                          values:
                                            description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchFields:
                                      description: A list of node selector requirements by node's fields.
                                      items:
                                        description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: The label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                            type: string
                                          values:
                                            description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                  type: object
                                  x-kubernetes-map-type: atomic
                                weight:
                                  description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                  format: int32
                                  type: integer
                              required:
                                - preference
                                - weight
                              type: object
                            type: array
                          requiredDuringSchedulingIgnoredDuringExecution:
                            description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                            properties:
                              nodeSelectorTerms:
                                description: Required. A list of node selector terms. The terms are ORed.
                                items:
                                  description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                  properties:
                                    matchExpressions:
                                      description: A list of node selector requirements by node's labels.
                                      items:
                                        description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: The label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                            type: string
                                          values:
                                            description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchFields:
                                      description: A list of node selector requirements by node's fields.
                                      items:
                                        description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: The label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                            type: string
                                          values:
                                            description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                  type: object
                                  x-kubernetes-map-type: atomic
                                type: array
                            required:
                              - nodeSelectorTerms
                            type: object
                            x-kubernetes-map-type: atomic
                        type: object
                      podAffinity:
                        description: PodAffinity is a group of inter pod affinity scheduling rules
                        properties:
                          preferredDuringSchedulingIgnoredDuringExecution:
                            description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                            items:
                              description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                              properties:
                                podAffinityTerm:
                                  description: Required. A pod affinity term, associated with the corresponding weight.
                                  properties:
                                    labelSelector:
                                      description: A label query over a set of resources, in this case pods.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    namespaceSelector:
                                      description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    namespaces:
                                      description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                      items:
                                        type: string
                                      type: array
                                    topologyKey:
                                      description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                      type: string
                                  required:
                                    - topologyKey
                                  type: object
                                weight:
                                  description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                  format: int32
                                  type: integer
                              required:
                                - podAffinityTerm
                                - weight
                              type: object
                            type: array
                          requiredDuringSchedulingIgnoredDuringExecution:
                            description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                            items:
                              description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                              properties:
                                labelSelector:
                                  description: A label query over a set of resources, in this case pods.
                                  properties:
                                    matchExpressions:
                                      description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                      items:
                                        description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: key is the label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                            type: string
                                          values:
                                            description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchLabels:
                                      additionalProperties:
                                        type: string
                                      description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                      type: object
                                  type: object
                                  x-kubernetes-map-type: atomic
                                namespaceSelector:
                                  description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                  properties:
                                    matchExpressions:
                                      description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                      items:
                                        description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: key is the label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                            type: string
                                          values:
                                            description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchLabels:
                                      additionalProperties:
                                        type: string
                                      description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                      type: object
                                  type: object
                                  x-kubernetes-map-type: atomic
                                namespaces:
                                  description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                  items:
                                    type: string
                                  type: array
                                topologyKey:
                                  description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                  type: string
                              required:
                                - topologyKey
                              type: object
                            type: array
                        type: object
                      podAntiAffinity:
                        description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                        properties:
                          preferredDuringSchedulingIgnoredDuringExecution:
                            description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                            items:
                              description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                              properties:
                                podAffinityTerm:
                                  description: Required. A pod affinity term, associated with the corresponding weight.
                                  properties:
                                    labelSelector:
                                      description: A label query over a set of resources, in this case pods.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    namespaceSelector:
                                      description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    namespaces:
                                      description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                      items:
                                        type: string
                                      type: array
                                    topologyKey:
                                      description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                      type: string
                                  required:
                                    - topologyKey
                                  type: object
                                weight:
                                  description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                  format: int32
                                  type: integer
                              required:
                                - podAffinityTerm
                                - weight
                              type: object
                            type: array
                          requiredDuringSchedulingIgnoredDuringExecution:
                            description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                            items:
                              description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                              properties:
                                labelSelector:
                                  description: A label query over a set of resources, in this case pods.
                                  properties:
                                    matchExpressions:
                                      description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                      items:
                                        description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: key is the label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                            type: string
                                          values:
                                            description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchLabels:
                                      additionalProperties:
                                        type: string
                                      description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                      type: object
                                  type: object
                                  x-kubernetes-map-type: atomic
                                namespaceSelector:
                                  description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                  properties:
                                    matchExpressions:
                                      description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                      items:
                                        description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                        properties:
                                          key:
                                            description: key is the label key that the selector applies to.
                                            type: string
                                          operator:
                                            description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                            type: string
                                          values:
                                            description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                            items:
                                              type: string
                                            type: array
                                        required:
                                          - key
                                          - operator
                                        type: object
                                      type: array
                                    matchLabels:
                                      additionalProperties:
                                        type: string
                                      description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                      type: object
                                  type: object
                                  x-kubernetes-map-type: atomic
                                namespaces:
                                  description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                  items:
                                    type: string
                                  type: array
                                topologyKey:
                                  description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                  type: string
                              required:
                                - topologyKey
                              type: object
                            type: array
                        type: object
                      tolerations:
                        description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                        items:
                          description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                          properties:
                            effect:
                              description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                              type: string
                            key:
                              description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                              type: string
                            operator:
                              description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                              type: string
                            tolerationSeconds:
                              description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                              format: int64
                              type: integer
                            value:
                              description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                              type: string
                          type: object
                        type: array
                      topologySpreadConstraints:
                        description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                        items:
                          description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                          properties:
                            labelSelector:
                              description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                              properties:
                                matchExpressions:
                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                  items:
                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                    properties:
                                      key:
                                        description: key is the label key that the selector applies to.
                                        type: string
                                      operator:
                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                        type: string
                                      values:
                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                        items:
                                          type: string
                                        type: array
                                    required:
                                      - key
                                      - operator
                                    type: object
                                  type: array
                                matchLabels:
                                  additionalProperties:
                                    type: string
                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                  type: object
                              type: object
                              x-kubernetes-map-type: atomic
                            matchLabelKeys:
                              description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                              items:
                                type: string
                              type: array
                              x-kubernetes-list-type: atomic
                            maxSkew:
                              description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                              format: int32
                              type: integer
                            minDomains:
                              description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                              format: int32
                              type: integer
                            nodeAffinityPolicy:
                              description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                              type: string
                            nodeTaintsPolicy:
                              description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                              type: string
                            topologyKey:
                              description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                              type: string
                            whenUnsatisfiable:
                              description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                              type: string
                          required:
                            - maxSkew
                            - topologyKey
                            - whenUnsatisfiable
                          type: object
                        type: array
                    type: object
                  description: The placement-related configuration to pass to kubernetes (affinity, node selector, tolerations).
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                priorityClassNames:
                  additionalProperties:
                    type: string
                  description: PriorityClassNames sets priority classes on components
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                removeOSDsIfOutAndSafeToRemove:
                  description: Remove the OSD that is out and safe to remove only if this option is true
                  type: boolean
                resources:
                  additionalProperties:
                    description: ResourceRequirements describes the compute resource requirements.
                    properties:
                      claims:
                        description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                        items:
                          description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                          properties:
                            name:
                              description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                              type: string
                          required:
                            - name
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                          - name
                        x-kubernetes-list-type: map
                      limits:
                        additionalProperties:
                          anyOf:
                            - type: integer
                            - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                        type: object
                      requests:
                        additionalProperties:
                          anyOf:
                            - type: integer
                            - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                        type: object
                    type: object
                  description: Resources set resource requests and limits
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                security:
                  description: Security represents security settings
                  nullable: true
                  properties:
                    keyRotation:
                      description: KeyRotation defines options for Key Rotation.
                      nullable: true
                      properties:
                        enabled:
                          default: false
                          description: Enabled represents whether the key rotation is enabled.
                          type: boolean
                        schedule:
                          description: Schedule represents the cron schedule for key rotation.
                          type: string
                      type: object
                    kms:
                      description: KeyManagementService is the main Key Management option
                      nullable: true
                      properties:
                        connectionDetails:
                          additionalProperties:
                            type: string
                          description: ConnectionDetails contains the KMS connection details (address, port etc)
                          nullable: true
                          type: object
                          x-kubernetes-preserve-unknown-fields: true
                        tokenSecretName:
                          description: TokenSecretName is the kubernetes secret containing the KMS token
                          type: string
                      type: object
                  type: object
                skipUpgradeChecks:
                  description: SkipUpgradeChecks defines if an upgrade should be forced even if one of the check fails
                  type: boolean
                storage:
                  description: A spec for available storage in the cluster and how it should be used
                  nullable: true
                  properties:
                    config:
                      additionalProperties:
                        type: string
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    deviceFilter:
                      description: A regular expression to allow more fine-grained selection of devices on nodes across the cluster
                      type: string
                    devicePathFilter:
                      description: A regular expression to allow more fine-grained selection of devices with path names
                      type: string
                    devices:
                      description: List of devices to use as storage devices
                      items:
                        description: Device represents a disk to use in the cluster
                        properties:
                          config:
                            additionalProperties:
                              type: string
                            nullable: true
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          fullpath:
                            type: string
                          name:
                            type: string
                        type: object
                      nullable: true
                      type: array
                      x-kubernetes-preserve-unknown-fields: true
                    nodes:
                      items:
                        description: Node is a storage nodes
                        properties:
                          config:
                            additionalProperties:
                              type: string
                            nullable: true
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          deviceFilter:
                            description: A regular expression to allow more fine-grained selection of devices on nodes across the cluster
                            type: string
                          devicePathFilter:
                            description: A regular expression to allow more fine-grained selection of devices with path names
                            type: string
                          devices:
                            description: List of devices to use as storage devices
                            items:
                              description: Device represents a disk to use in the cluster
                              properties:
                                config:
                                  additionalProperties:
                                    type: string
                                  nullable: true
                                  type: object
                                  x-kubernetes-preserve-unknown-fields: true
                                fullpath:
                                  type: string
                                name:
                                  type: string
                              type: object
                            nullable: true
                            type: array
                            x-kubernetes-preserve-unknown-fields: true
                          name:
                            type: string
                          resources:
                            description: ResourceRequirements describes the compute resource requirements.
                            nullable: true
                            properties:
                              claims:
                                description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                items:
                                  description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                  properties:
                                    name:
                                      description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                      type: string
                                  required:
                                    - name
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                  - name
                                x-kubernetes-list-type: map
                              limits:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                type: object
                              requests:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                type: object
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          useAllDevices:
                            description: Whether to consume all the storage devices found on a machine
                            type: boolean
                          volumeClaimTemplates:
                            description: PersistentVolumeClaims to use as storage
                            items:
                              description: PersistentVolumeClaim is a user's request for and claim to a persistent volume
                              properties:
                                apiVersion:
                                  description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                  type: string
                                kind:
                                  description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                  type: string
                                metadata:
                                  description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                                  properties:
                                    annotations:
                                      additionalProperties:
                                        type: string
                                      type: object
                                    finalizers:
                                      items:
                                        type: string
                                      type: array
                                    labels:
                                      additionalProperties:
                                        type: string
                                      type: object
                                    name:
                                      type: string
                                    namespace:
                                      type: string
                                  type: object
                                spec:
                                  description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    accessModes:
                                      description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                      items:
                                        type: string
                                      type: array
                                    dataSource:
                                      description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                                      properties:
                                        apiGroup:
                                          description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                          type: string
                                        kind:
                                          description: Kind is the type of resource being referenced
                                          type: string
                                        name:
                                          description: Name is the name of resource being referenced
                                          type: string
                                      required:
                                        - kind
                                        - name
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    dataSourceRef:
                                      description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                                      properties:
                                        apiGroup:
                                          description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                          type: string
                                        kind:
                                          description: Kind is the type of resource being referenced
                                          type: string
                                        name:
                                          description: Name is the name of resource being referenced
                                          type: string
                                        namespace:
                                          description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                          type: string
                                      required:
                                        - kind
                                        - name
                                      type: object
                                    resources:
                                      description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                                      properties:
                                        claims:
                                          description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                          items:
                                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                            properties:
                                              name:
                                                description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                                type: string
                                            required:
                                              - name
                                            type: object
                                          type: array
                                          x-kubernetes-list-map-keys:
                                            - name
                                          x-kubernetes-list-type: map
                                        limits:
                                          additionalProperties:
                                            anyOf:
                                              - type: integer
                                              - type: string
                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                            x-kubernetes-int-or-string: true
                                          description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                          type: object
                                        requests:
                                          additionalProperties:
                                            anyOf:
                                              - type: integer
                                              - type: string
                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                            x-kubernetes-int-or-string: true
                                          description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                          type: object
                                      type: object
                                    selector:
                                      description: selector is a label query over volumes to consider for binding.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    storageClassName:
                                      description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                                      type: string
                                    volumeMode:
                                      description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                                      type: string
                                    volumeName:
                                      description: volumeName is the binding reference to the PersistentVolume backing this claim.
                                      type: string
                                  type: object
                                status:
                                  description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    accessModes:
                                      description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                      items:
                                        type: string
                                      type: array
                                    allocatedResourceStatuses:
                                      additionalProperties:
                                        description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                        type: string
                                      description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                      type: object
                                      x-kubernetes-map-type: granular
                                    allocatedResources:
                                      additionalProperties:
                                        anyOf:
                                          - type: integer
                                          - type: string
                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                        x-kubernetes-int-or-string: true
                                      description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                      type: object
                                    capacity:
                                      additionalProperties:
                                        anyOf:
                                          - type: integer
                                          - type: string
                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                        x-kubernetes-int-or-string: true
                                      description: capacity represents the actual resources of the underlying volume.
                                      type: object
                                    conditions:
                                      description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                                      items:
                                        description: PersistentVolumeClaimCondition contains details about state of pvc
                                        properties:
                                          lastProbeTime:
                                            description: lastProbeTime is the time we probed the condition.
                                            format: date-time
                                            type: string
                                          lastTransitionTime:
                                            description: lastTransitionTime is the time the condition transitioned from one status to another.
                                            format: date-time
                                            type: string
                                          message:
                                            description: message is the human-readable message indicating details about last transition.
                                            type: string
                                          reason:
                                            description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                            type: string
                                          status:
                                            type: string
                                          type:
                                            description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                            type: string
                                        required:
                                          - status
                                          - type
                                        type: object
                                      type: array
                                    phase:
                                      description: phase represents the current phase of PersistentVolumeClaim.
                                      type: string
                                  type: object
                              type: object
                            type: array
                        type: object
                      nullable: true
                      type: array
                    onlyApplyOSDPlacement:
                      type: boolean
                    storageClassDeviceSets:
                      items:
                        description: StorageClassDeviceSet is a storage class device set
                        properties:
                          config:
                            additionalProperties:
                              type: string
                            description: Provider-specific device configuration
                            nullable: true
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          count:
                            description: Count is the number of devices in this set
                            minimum: 1
                            type: integer
                          encrypted:
                            description: Whether to encrypt the deviceSet
                            type: boolean
                          name:
                            description: Name is a unique identifier for the set
                            type: string
                          placement:
                            description: Placement is the placement for an object
                            nullable: true
                            properties:
                              nodeAffinity:
                                description: NodeAffinity is a group of node affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                                      properties:
                                        preference:
                                          description: A node selector term, associated with the corresponding weight.
                                          properties:
                                            matchExpressions:
                                              description: A list of node selector requirements by node's labels.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchFields:
                                              description: A list of node selector requirements by node's fields.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        weight:
                                          description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - preference
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                                    properties:
                                      nodeSelectorTerms:
                                        description: Required. A list of node selector terms. The terms are ORed.
                                        items:
                                          description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                          properties:
                                            matchExpressions:
                                              description: A list of node selector requirements by node's labels.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchFields:
                                              description: A list of node selector requirements by node's fields.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        type: array
                                    required:
                                      - nodeSelectorTerms
                                    type: object
                                    x-kubernetes-map-type: atomic
                                type: object
                              podAffinity:
                                description: PodAffinity is a group of inter pod affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                      properties:
                                        podAffinityTerm:
                                          description: Required. A pod affinity term, associated with the corresponding weight.
                                          properties:
                                            labelSelector:
                                              description: A label query over a set of resources, in this case pods.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaceSelector:
                                              description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaces:
                                              description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                              items:
                                                type: string
                                              type: array
                                            topologyKey:
                                              description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                              type: string
                                          required:
                                            - topologyKey
                                          type: object
                                        weight:
                                          description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - podAffinityTerm
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                                    items:
                                      description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                      properties:
                                        labelSelector:
                                          description: A label query over a set of resources, in this case pods.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaceSelector:
                                          description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaces:
                                          description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                          items:
                                            type: string
                                          type: array
                                        topologyKey:
                                          description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                          type: string
                                      required:
                                        - topologyKey
                                      type: object
                                    type: array
                                type: object
                              podAntiAffinity:
                                description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                      properties:
                                        podAffinityTerm:
                                          description: Required. A pod affinity term, associated with the corresponding weight.
                                          properties:
                                            labelSelector:
                                              description: A label query over a set of resources, in this case pods.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaceSelector:
                                              description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaces:
                                              description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                              items:
                                                type: string
                                              type: array
                                            topologyKey:
                                              description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                              type: string
                                          required:
                                            - topologyKey
                                          type: object
                                        weight:
                                          description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - podAffinityTerm
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                                    items:
                                      description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                      properties:
                                        labelSelector:
                                          description: A label query over a set of resources, in this case pods.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaceSelector:
                                          description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaces:
                                          description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                          items:
                                            type: string
                                          type: array
                                        topologyKey:
                                          description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                          type: string
                                      required:
                                        - topologyKey
                                      type: object
                                    type: array
                                type: object
                              tolerations:
                                description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                                items:
                                  description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                                  properties:
                                    effect:
                                      description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                                      type: string
                                    key:
                                      description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                                      type: string
                                    operator:
                                      description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                                      type: string
                                    tolerationSeconds:
                                      description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                                      format: int64
                                      type: integer
                                    value:
                                      description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                                      type: string
                                  type: object
                                type: array
                              topologySpreadConstraints:
                                description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                                items:
                                  description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                                  properties:
                                    labelSelector:
                                      description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    matchLabelKeys:
                                      description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                                      items:
                                        type: string
                                      type: array
                                      x-kubernetes-list-type: atomic
                                    maxSkew:
                                      description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                                      format: int32
                                      type: integer
                                    minDomains:
                                      description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                                      format: int32
                                      type: integer
                                    nodeAffinityPolicy:
                                      description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                      type: string
                                    nodeTaintsPolicy:
                                      description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                      type: string
                                    topologyKey:
                                      description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                                      type: string
                                    whenUnsatisfiable:
                                      description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                                      type: string
                                  required:
                                    - maxSkew
                                    - topologyKey
                                    - whenUnsatisfiable
                                  type: object
                                type: array
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          portable:
                            description: Portable represents OSD portability across the hosts
                            type: boolean
                          preparePlacement:
                            description: Placement is the placement for an object
                            nullable: true
                            properties:
                              nodeAffinity:
                                description: NodeAffinity is a group of node affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                                      properties:
                                        preference:
                                          description: A node selector term, associated with the corresponding weight.
                                          properties:
                                            matchExpressions:
                                              description: A list of node selector requirements by node's labels.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchFields:
                                              description: A list of node selector requirements by node's fields.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        weight:
                                          description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - preference
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                                    properties:
                                      nodeSelectorTerms:
                                        description: Required. A list of node selector terms. The terms are ORed.
                                        items:
                                          description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                          properties:
                                            matchExpressions:
                                              description: A list of node selector requirements by node's labels.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchFields:
                                              description: A list of node selector requirements by node's fields.
                                              items:
                                                description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: The label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                                    type: string
                                                  values:
                                                    description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        type: array
                                    required:
                                      - nodeSelectorTerms
                                    type: object
                                    x-kubernetes-map-type: atomic
                                type: object
                              podAffinity:
                                description: PodAffinity is a group of inter pod affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                      properties:
                                        podAffinityTerm:
                                          description: Required. A pod affinity term, associated with the corresponding weight.
                                          properties:
                                            labelSelector:
                                              description: A label query over a set of resources, in this case pods.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaceSelector:
                                              description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaces:
                                              description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                              items:
                                                type: string
                                              type: array
                                            topologyKey:
                                              description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                              type: string
                                          required:
                                            - topologyKey
                                          type: object
                                        weight:
                                          description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - podAffinityTerm
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                                    items:
                                      description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                      properties:
                                        labelSelector:
                                          description: A label query over a set of resources, in this case pods.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaceSelector:
                                          description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaces:
                                          description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                          items:
                                            type: string
                                          type: array
                                        topologyKey:
                                          description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                          type: string
                                      required:
                                        - topologyKey
                                      type: object
                                    type: array
                                type: object
                              podAntiAffinity:
                                description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                                properties:
                                  preferredDuringSchedulingIgnoredDuringExecution:
                                    description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                                    items:
                                      description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                      properties:
                                        podAffinityTerm:
                                          description: Required. A pod affinity term, associated with the corresponding weight.
                                          properties:
                                            labelSelector:
                                              description: A label query over a set of resources, in this case pods.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaceSelector:
                                              description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                              properties:
                                                matchExpressions:
                                                  description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                                  items:
                                                    description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                    properties:
                                                      key:
                                                        description: key is the label key that the selector applies to.
                                                        type: string
                                                      operator:
                                                        description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                        type: string
                                                      values:
                                                        description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                        items:
                                                          type: string
                                                        type: array
                                                    required:
                                                      - key
                                                      - operator
                                                    type: object
                                                  type: array
                                                matchLabels:
                                                  additionalProperties:
                                                    type: string
                                                  description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                                  type: object
                                              type: object
                                              x-kubernetes-map-type: atomic
                                            namespaces:
                                              description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                              items:
                                                type: string
                                              type: array
                                            topologyKey:
                                              description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                              type: string
                                          required:
                                            - topologyKey
                                          type: object
                                        weight:
                                          description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                          format: int32
                                          type: integer
                                      required:
                                        - podAffinityTerm
                                        - weight
                                      type: object
                                    type: array
                                  requiredDuringSchedulingIgnoredDuringExecution:
                                    description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                                    items:
                                      description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                      properties:
                                        labelSelector:
                                          description: A label query over a set of resources, in this case pods.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaceSelector:
                                          description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                          properties:
                                            matchExpressions:
                                              description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                              items:
                                                description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                                properties:
                                                  key:
                                                    description: key is the label key that the selector applies to.
                                                    type: string
                                                  operator:
                                                    description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                    type: string
                                                  values:
                                                    description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                    items:
                                                      type: string
                                                    type: array
                                                required:
                                                  - key
                                                  - operator
                                                type: object
                                              type: array
                                            matchLabels:
                                              additionalProperties:
                                                type: string
                                              description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                              type: object
                                          type: object
                                          x-kubernetes-map-type: atomic
                                        namespaces:
                                          description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                          items:
                                            type: string
                                          type: array
                                        topologyKey:
                                          description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                          type: string
                                      required:
                                        - topologyKey
                                      type: object
                                    type: array
                                type: object
                              tolerations:
                                description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                                items:
                                  description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                                  properties:
                                    effect:
                                      description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                                      type: string
                                    key:
                                      description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                                      type: string
                                    operator:
                                      description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                                      type: string
                                    tolerationSeconds:
                                      description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                                      format: int64
                                      type: integer
                                    value:
                                      description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                                      type: string
                                  type: object
                                type: array
                              topologySpreadConstraints:
                                description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                                items:
                                  description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                                  properties:
                                    labelSelector:
                                      description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    matchLabelKeys:
                                      description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                                      items:
                                        type: string
                                      type: array
                                      x-kubernetes-list-type: atomic
                                    maxSkew:
                                      description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                                      format: int32
                                      type: integer
                                    minDomains:
                                      description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                                      format: int32
                                      type: integer
                                    nodeAffinityPolicy:
                                      description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                      type: string
                                    nodeTaintsPolicy:
                                      description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                      type: string
                                    topologyKey:
                                      description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                                      type: string
                                    whenUnsatisfiable:
                                      description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                                      type: string
                                  required:
                                    - maxSkew
                                    - topologyKey
                                    - whenUnsatisfiable
                                  type: object
                                type: array
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          resources:
                            description: ResourceRequirements describes the compute resource requirements.
                            nullable: true
                            properties:
                              claims:
                                description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                items:
                                  description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                  properties:
                                    name:
                                      description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                      type: string
                                  required:
                                    - name
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                  - name
                                x-kubernetes-list-type: map
                              limits:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                type: object
                              requests:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                type: object
                            type: object
                            x-kubernetes-preserve-unknown-fields: true
                          schedulerName:
                            description: Scheduler name for OSD pod placement
                            type: string
                          tuneDeviceClass:
                            description: TuneSlowDeviceClass Tune the OSD when running on a slow Device Class
                            type: boolean
                          tuneFastDeviceClass:
                            description: TuneFastDeviceClass Tune the OSD when running on a fast Device Class
                            type: boolean
                          volumeClaimTemplates:
                            description: VolumeClaimTemplates is a list of PVC templates for the underlying storage devices
                            items:
                              description: PersistentVolumeClaim is a user's request for and claim to a persistent volume
                              properties:
                                apiVersion:
                                  description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                                  type: string
                                kind:
                                  description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                                  type: string
                                metadata:
                                  description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                                  properties:
                                    annotations:
                                      additionalProperties:
                                        type: string
                                      type: object
                                      x-kubernetes-preserve-unknown-fields: true
                                    finalizers:
                                      items:
                                        type: string
                                      type: array
                                    labels:
                                      additionalProperties:
                                        type: string
                                      type: object
                                    name:
                                      type: string
                                    namespace:
                                      type: string
                                  type: object
                                spec:
                                  description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    accessModes:
                                      description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                      items:
                                        type: string
                                      type: array
                                    dataSource:
                                      description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                                      properties:
                                        apiGroup:
                                          description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                          type: string
                                        kind:
                                          description: Kind is the type of resource being referenced
                                          type: string
                                        name:
                                          description: Name is the name of resource being referenced
                                          type: string
                                      required:
                                        - kind
                                        - name
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    dataSourceRef:
                                      description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                                      properties:
                                        apiGroup:
                                          description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                          type: string
                                        kind:
                                          description: Kind is the type of resource being referenced
                                          type: string
                                        name:
                                          description: Name is the name of resource being referenced
                                          type: string
                                        namespace:
                                          description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                          type: string
                                      required:
                                        - kind
                                        - name
                                      type: object
                                    resources:
                                      description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                                      properties:
                                        claims:
                                          description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                          items:
                                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                            properties:
                                              name:
                                                description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                                type: string
                                            required:
                                              - name
                                            type: object
                                          type: array
                                          x-kubernetes-list-map-keys:
                                            - name
                                          x-kubernetes-list-type: map
                                        limits:
                                          additionalProperties:
                                            anyOf:
                                              - type: integer
                                              - type: string
                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                            x-kubernetes-int-or-string: true
                                          description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                          type: object
                                        requests:
                                          additionalProperties:
                                            anyOf:
                                              - type: integer
                                              - type: string
                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                            x-kubernetes-int-or-string: true
                                          description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                          type: object
                                      type: object
                                    selector:
                                      description: selector is a label query over volumes to consider for binding.
                                      properties:
                                        matchExpressions:
                                          description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                          items:
                                            description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                            properties:
                                              key:
                                                description: key is the label key that the selector applies to.
                                                type: string
                                              operator:
                                                description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                type: string
                                              values:
                                                description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                items:
                                                  type: string
                                                type: array
                                            required:
                                              - key
                                              - operator
                                            type: object
                                          type: array
                                        matchLabels:
                                          additionalProperties:
                                            type: string
                                          description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                          type: object
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    storageClassName:
                                      description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                                      type: string
                                    volumeMode:
                                      description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                                      type: string
                                    volumeName:
                                      description: volumeName is the binding reference to the PersistentVolume backing this claim.
                                      type: string
                                  type: object
                                status:
                                  description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    accessModes:
                                      description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                      items:
                                        type: string
                                      type: array
                                    allocatedResourceStatuses:
                                      additionalProperties:
                                        description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                        type: string
                                      description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                      type: object
                                      x-kubernetes-map-type: granular
                                    allocatedResources:
                                      additionalProperties:
                                        anyOf:
                                          - type: integer
                                          - type: string
                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                        x-kubernetes-int-or-string: true
                                      description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                      type: object
                                    capacity:
                                      additionalProperties:
                                        anyOf:
                                          - type: integer
                                          - type: string
                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                        x-kubernetes-int-or-string: true
                                      description: capacity represents the actual resources of the underlying volume.
                                      type: object
                                    conditions:
                                      description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                                      items:
                                        description: PersistentVolumeClaimCondition contains details about state of pvc
                                        properties:
                                          lastProbeTime:
                                            description: lastProbeTime is the time we probed the condition.
                                            format: date-time
                                            type: string
                                          lastTransitionTime:
                                            description: lastTransitionTime is the time the condition transitioned from one status to another.
                                            format: date-time
                                            type: string
                                          message:
                                            description: message is the human-readable message indicating details about last transition.
                                            type: string
                                          reason:
                                            description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                            type: string
                                          status:
                                            type: string
                                          type:
                                            description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                            type: string
                                        required:
                                          - status
                                          - type
                                        type: object
                                      type: array
                                    phase:
                                      description: phase represents the current phase of PersistentVolumeClaim.
                                      type: string
                                  type: object
                              type: object
                            type: array
                        required:
                          - count
                          - name
                          - volumeClaimTemplates
                        type: object
                      nullable: true
                      type: array
                    store:
                      description: OSDStore is the backend storage type used for creating the OSDs
                      properties:
                        type:
                          description: Type of backend storage to be used while creating OSDs. If empty, then bluestore will be used
                          enum:
                            - bluestore
                            - bluestore-rdr
                          type: string
                        updateStore:
                          description: UpdateStore updates the backend store for existing OSDs. It destroys each OSD one at a time, cleans up the backing disk and prepares same OSD on that disk
                          pattern: ^$|^yes-really-update-store$
                          type: string
                      type: object
                    useAllDevices:
                      description: Whether to consume all the storage devices found on a machine
                      type: boolean
                    useAllNodes:
                      type: boolean
                    volumeClaimTemplates:
                      description: PersistentVolumeClaims to use as storage
                      items:
                        description: PersistentVolumeClaim is a user's request for and claim to a persistent volume
                        properties:
                          apiVersion:
                            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
                            type: string
                          kind:
                            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                            type: string
                          metadata:
                            description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
                            properties:
                              annotations:
                                additionalProperties:
                                  type: string
                                type: object
                              finalizers:
                                items:
                                  type: string
                                type: array
                              labels:
                                additionalProperties:
                                  type: string
                                type: object
                              name:
                                type: string
                              namespace:
                                type: string
                            type: object
                          spec:
                            description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                            properties:
                              accessModes:
                                description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                items:
                                  type: string
                                type: array
                              dataSource:
                                description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
                                properties:
                                  apiGroup:
                                    description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                    type: string
                                  kind:
                                    description: Kind is the type of resource being referenced
                                    type: string
                                  name:
                                    description: Name is the name of resource being referenced
                                    type: string
                                required:
                                  - kind
                                  - name
                                type: object
                                x-kubernetes-map-type: atomic
                              dataSourceRef:
                                description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
                                properties:
                                  apiGroup:
                                    description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
                                    type: string
                                  kind:
                                    description: Kind is the type of resource being referenced
                                    type: string
                                  name:
                                    description: Name is the name of resource being referenced
                                    type: string
                                  namespace:
                                    description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
                                    type: string
                                required:
                                  - kind
                                  - name
                                type: object
                              resources:
                                description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
                                properties:
                                  claims:
                                    description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                    items:
                                      description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                      properties:
                                        name:
                                          description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                          type: string
                                      required:
                                        - name
                                      type: object
                                    type: array
                                    x-kubernetes-list-map-keys:
                                      - name
                                    x-kubernetes-list-type: map
                                  limits:
                                    additionalProperties:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                    description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                    type: object
                                  requests:
                                    additionalProperties:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                    description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                    type: object
                                type: object
                              selector:
                                description: selector is a label query over volumes to consider for binding.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              storageClassName:
                                description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                                type: string
                              volumeMode:
                                description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
                                type: string
                              volumeName:
                                description: volumeName is the binding reference to the PersistentVolume backing this claim.
                                type: string
                            type: object
                          status:
                            description: 'status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                            properties:
                              accessModes:
                                description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
                                items:
                                  type: string
                                type: array
                              allocatedResourceStatuses:
                                additionalProperties:
                                  description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
                                  type: string
                                description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                type: object
                                x-kubernetes-map-type: granular
                              allocatedResources:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
                                type: object
                              capacity:
                                additionalProperties:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                  x-kubernetes-int-or-string: true
                                description: capacity represents the actual resources of the underlying volume.
                                type: object
                              conditions:
                                description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
                                items:
                                  description: PersistentVolumeClaimCondition contains details about state of pvc
                                  properties:
                                    lastProbeTime:
                                      description: lastProbeTime is the time we probed the condition.
                                      format: date-time
                                      type: string
                                    lastTransitionTime:
                                      description: lastTransitionTime is the time the condition transitioned from one status to another.
                                      format: date-time
                                      type: string
                                    message:
                                      description: message is the human-readable message indicating details about last transition.
                                      type: string
                                    reason:
                                      description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
                                      type: string
                                    status:
                                      type: string
                                    type:
                                      description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
                                      type: string
                                  required:
                                    - status
                                    - type
                                  type: object
                                type: array
                              phase:
                                description: phase represents the current phase of PersistentVolumeClaim.
                                type: string
                            type: object
                        type: object
                      type: array
                  type: object
                waitTimeoutForHealthyOSDInMinutes:
                  description: WaitTimeoutForHealthyOSDInMinutes defines the time the operator would wait before an OSD can be stopped for upgrade or restart. If the timeout exceeds and OSD is not ok to stop, then the operator would skip upgrade for the current OSD and proceed with the next one if `continueUpgradeAfterChecksEvenIfNotHealthy` is `false`. If `continueUpgradeAfterChecksEvenIfNotHealthy` is `true`, then operator would continue with the upgrade of an OSD even if its not ok to stop after the timeout. This timeout won't be applied if `skipUpgradeChecks` is `true`. The default wait timeout is 10 minutes.
                  format: int64
                  type: integer
              type: object
            status:
              description: ClusterStatus represents the status of a Ceph cluster
              nullable: true
              properties:
                ceph:
                  description: CephStatus is the details health of a Ceph Cluster
                  properties:
                    capacity:
                      description: Capacity is the capacity information of a Ceph Cluster
                      properties:
                        bytesAvailable:
                          format: int64
                          type: integer
                        bytesTotal:
                          format: int64
                          type: integer
                        bytesUsed:
                          format: int64
                          type: integer
                        lastUpdated:
                          type: string
                      type: object
                    details:
                      additionalProperties:
                        description: CephHealthMessage represents the health message of a Ceph Cluster
                        properties:
                          message:
                            type: string
                          severity:
                            type: string
                        required:
                          - message
                          - severity
                        type: object
                      type: object
                    fsid:
                      type: string
                    health:
                      type: string
                    lastChanged:
                      type: string
                    lastChecked:
                      type: string
                    previousHealth:
                      type: string
                    versions:
                      description: CephDaemonsVersions show the current ceph version for different ceph daemons
                      properties:
                        cephfs-mirror:
                          additionalProperties:
                            type: integer
                          description: CephFSMirror shows CephFSMirror Ceph version
                          type: object
                        mds:
                          additionalProperties:
                            type: integer
                          description: Mds shows Mds Ceph version
                          type: object
                        mgr:
                          additionalProperties:
                            type: integer
                          description: Mgr shows Mgr Ceph version
                          type: object
                        mon:
                          additionalProperties:
                            type: integer
                          description: Mon shows Mon Ceph version
                          type: object
                        osd:
                          additionalProperties:
                            type: integer
                          description: Osd shows Osd Ceph version
                          type: object
                        overall:
                          additionalProperties:
                            type: integer
                          description: Overall shows overall Ceph version
                          type: object
                        rbd-mirror:
                          additionalProperties:
                            type: integer
                          description: RbdMirror shows RbdMirror Ceph version
                          type: object
                        rgw:
                          additionalProperties:
                            type: integer
                          description: Rgw shows Rgw Ceph version
                          type: object
                      type: object
                  type: object
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                message:
                  type: string
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
                state:
                  description: ClusterState represents the state of a Ceph Cluster
                  type: string
                storage:
                  description: CephStorage represents flavors of Ceph Cluster Storage
                  properties:
                    deviceClasses:
                      items:
                        description: DeviceClasses represents device classes of a Ceph Cluster
                        properties:
                          name:
                            type: string
                        type: object
                      type: array
                    osd:
                      description: OSDStatus represents OSD status of the ceph Cluster
                      properties:
                        storeType:
                          additionalProperties:
                            type: integer
                          description: StoreType is a mapping between the OSD backend stores and number of OSDs using these stores
                          type: object
                      type: object
                  type: object
                version:
                  description: ClusterVersion represents the version of a Ceph Cluster
                  properties:
                    image:
                      type: string
                    version:
                      type: string
                  type: object
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephcosidrivers.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephCOSIDriver
    listKind: CephCOSIDriverList
    plural: cephcosidrivers
    shortNames:
      - cephcosi
    singular: cephcosidriver
  scope: Namespaced
  versions:
    - name: v1
      schema:
        openAPIV3Schema:
          description: CephCOSIDriver represents the CRD for the Ceph COSI Driver Deployment
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: Spec represents the specification of a Ceph COSI Driver
              properties:
                deploymentStrategy:
                  description: DeploymentStrategy is the strategy to use to deploy the COSI driver.
                  enum:
                    - Never
                    - Auto
                    - Always
                  type: string
                image:
                  description: Image is the container image to run the Ceph COSI driver
                  type: string
                objectProvisionerImage:
                  description: ObjectProvisionerImage is the container image to run the COSI driver sidecar
                  type: string
                placement:
                  description: Placement is the placement strategy to use for the COSI driver
                  properties:
                    nodeAffinity:
                      description: NodeAffinity is a group of node affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                          items:
                            description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                            properties:
                              preference:
                                description: A node selector term, associated with the corresponding weight.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              weight:
                                description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - preference
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                          properties:
                            nodeSelectorTerms:
                              description: Required. A list of node selector terms. The terms are ORed.
                              items:
                                description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              type: array
                          required:
                            - nodeSelectorTerms
                          type: object
                          x-kubernetes-map-type: atomic
                      type: object
                    podAffinity:
                      description: PodAffinity is a group of inter pod affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    podAntiAffinity:
                      description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    tolerations:
                      description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                      items:
                        description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                        properties:
                          effect:
                            description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                            type: string
                          key:
                            description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                            type: string
                          operator:
                            description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                            type: string
                          tolerationSeconds:
                            description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                            format: int64
                            type: integer
                          value:
                            description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                            type: string
                        type: object
                      type: array
                    topologySpreadConstraints:
                      description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                      items:
                        description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                        properties:
                          labelSelector:
                            description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                            properties:
                              matchExpressions:
                                description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                items:
                                  description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                  properties:
                                    key:
                                      description: key is the label key that the selector applies to.
                                      type: string
                                    operator:
                                      description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                      type: string
                                    values:
                                      description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                    - key
                                    - operator
                                  type: object
                                type: array
                              matchLabels:
                                additionalProperties:
                                  type: string
                                description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                type: object
                            type: object
                            x-kubernetes-map-type: atomic
                          matchLabelKeys:
                            description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                            items:
                              type: string
                            type: array
                            x-kubernetes-list-type: atomic
                          maxSkew:
                            description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                            format: int32
                            type: integer
                          minDomains:
                            description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                            format: int32
                            type: integer
                          nodeAffinityPolicy:
                            description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          nodeTaintsPolicy:
                            description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          topologyKey:
                            description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                            type: string
                          whenUnsatisfiable:
                            description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                            type: string
                        required:
                          - maxSkew
                          - topologyKey
                          - whenUnsatisfiable
                        type: object
                      type: array
                  type: object
                resources:
                  description: Resources is the resource requirements for the COSI driver
                  properties:
                    claims:
                      description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                      items:
                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                        properties:
                          name:
                            description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                            type: string
                        required:
                          - name
                        type: object
                      type: array
                      x-kubernetes-list-map-keys:
                        - name
                      x-kubernetes-list-type: map
                    limits:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                    requests:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                  type: object
              type: object
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephfilesystemmirrors.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephFilesystemMirror
    listKind: CephFilesystemMirrorList
    plural: cephfilesystemmirrors
    singular: cephfilesystemmirror
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephFilesystemMirror is the Ceph Filesystem Mirror object definition
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: FilesystemMirroringSpec is the filesystem mirroring specification
              properties:
                annotations:
                  additionalProperties:
                    type: string
                  description: The annotations-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                labels:
                  additionalProperties:
                    type: string
                  description: The labels-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                placement:
                  description: The affinity to place the rgw pods (default is to place on any available node)
                  nullable: true
                  properties:
                    nodeAffinity:
                      description: NodeAffinity is a group of node affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                          items:
                            description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                            properties:
                              preference:
                                description: A node selector term, associated with the corresponding weight.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              weight:
                                description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - preference
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                          properties:
                            nodeSelectorTerms:
                              description: Required. A list of node selector terms. The terms are ORed.
                              items:
                                description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              type: array
                          required:
                            - nodeSelectorTerms
                          type: object
                          x-kubernetes-map-type: atomic
                      type: object
                    podAffinity:
                      description: PodAffinity is a group of inter pod affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    podAntiAffinity:
                      description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    tolerations:
                      description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                      items:
                        description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                        properties:
                          effect:
                            description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                            type: string
                          key:
                            description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                            type: string
                          operator:
                            description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                            type: string
                          tolerationSeconds:
                            description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                            format: int64
                            type: integer
                          value:
                            description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                            type: string
                        type: object
                      type: array
                    topologySpreadConstraints:
                      description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                      items:
                        description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                        properties:
                          labelSelector:
                            description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                            properties:
                              matchExpressions:
                                description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                items:
                                  description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                  properties:
                                    key:
                                      description: key is the label key that the selector applies to.
                                      type: string
                                    operator:
                                      description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                      type: string
                                    values:
                                      description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                    - key
                                    - operator
                                  type: object
                                type: array
                              matchLabels:
                                additionalProperties:
                                  type: string
                                description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                type: object
                            type: object
                            x-kubernetes-map-type: atomic
                          matchLabelKeys:
                            description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                            items:
                              type: string
                            type: array
                            x-kubernetes-list-type: atomic
                          maxSkew:
                            description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                            format: int32
                            type: integer
                          minDomains:
                            description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                            format: int32
                            type: integer
                          nodeAffinityPolicy:
                            description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          nodeTaintsPolicy:
                            description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          topologyKey:
                            description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                            type: string
                          whenUnsatisfiable:
                            description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                            type: string
                        required:
                          - maxSkew
                          - topologyKey
                          - whenUnsatisfiable
                        type: object
                      type: array
                  type: object
                priorityClassName:
                  description: PriorityClassName sets priority class on the cephfs-mirror pods
                  type: string
                resources:
                  description: The resource requirements for the cephfs-mirror pods
                  nullable: true
                  properties:
                    claims:
                      description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                      items:
                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                        properties:
                          name:
                            description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                            type: string
                        required:
                          - name
                        type: object
                      type: array
                      x-kubernetes-list-map-keys:
                        - name
                      x-kubernetes-list-type: map
                    limits:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                    requests:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                  type: object
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephfilesystems.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephFilesystem
    listKind: CephFilesystemList
    plural: cephfilesystems
    singular: cephfilesystem
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - description: Number of desired active MDS daemons
          jsonPath: .spec.metadataServer.activeCount
          name: ActiveMDS
          type: string
        - jsonPath: .metadata.creationTimestamp
          name: Age
          type: date
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephFilesystem represents a Ceph Filesystem
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: FilesystemSpec represents the spec of a file system
              properties:
                dataPools:
                  description: The data pool settings, with optional predefined pool name.
                  items:
                    description: NamedPoolSpec represents the named ceph pool spec
                    properties:
                      compressionMode:
                        description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                        enum:
                          - none
                          - passive
                          - aggressive
                          - force
                          - ""
                        nullable: true
                        type: string
                      crushRoot:
                        description: The root of the crush hierarchy utilized by the pool
                        nullable: true
                        type: string
                      deviceClass:
                        description: The device class the OSD should set to for use in the pool
                        nullable: true
                        type: string
                      enableRBDStats:
                        description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                        type: boolean
                      erasureCoded:
                        description: The erasure code settings
                        properties:
                          algorithm:
                            description: The algorithm for erasure coding
                            type: string
                          codingChunks:
                            description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                            minimum: 0
                            type: integer
                          dataChunks:
                            description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                            minimum: 0
                            type: integer
                        required:
                          - codingChunks
                          - dataChunks
                        type: object
                      failureDomain:
                        description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                        type: string
                      mirroring:
                        description: The mirroring settings
                        properties:
                          enabled:
                            description: Enabled whether this pool is mirrored or not
                            type: boolean
                          mode:
                            description: 'Mode is the mirroring mode: either pool or image'
                            type: string
                          peers:
                            description: Peers represents the peers spec
                            nullable: true
                            properties:
                              secretNames:
                                description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                                items:
                                  type: string
                                type: array
                            type: object
                          snapshotSchedules:
                            description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                            items:
                              description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                              properties:
                                interval:
                                  description: Interval represent the periodicity of the snapshot.
                                  type: string
                                path:
                                  description: Path is the path to snapshot, only valid for CephFS
                                  type: string
                                startTime:
                                  description: StartTime indicates when to start the snapshot
                                  type: string
                              type: object
                            type: array
                        type: object
                      name:
                        description: Name of the pool
                        type: string
                      parameters:
                        additionalProperties:
                          type: string
                        description: Parameters is a list of properties to enable on a given pool
                        nullable: true
                        type: object
                        x-kubernetes-preserve-unknown-fields: true
                      quotas:
                        description: The quota settings
                        nullable: true
                        properties:
                          maxBytes:
                            description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                            format: int64
                            type: integer
                          maxObjects:
                            description: MaxObjects represents the quota in objects
                            format: int64
                            type: integer
                          maxSize:
                            description: MaxSize represents the quota in bytes as a string
                            pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                            type: string
                        type: object
                      replicated:
                        description: The replication settings
                        properties:
                          hybridStorage:
                            description: HybridStorage represents hybrid storage tier settings
                            nullable: true
                            properties:
                              primaryDeviceClass:
                                description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                                minLength: 1
                                type: string
                              secondaryDeviceClass:
                                description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                                minLength: 1
                                type: string
                            required:
                              - primaryDeviceClass
                              - secondaryDeviceClass
                            type: object
                          replicasPerFailureDomain:
                            description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                            minimum: 1
                            type: integer
                          requireSafeReplicaSize:
                            description: RequireSafeReplicaSize if false allows you to set replica 1
                            type: boolean
                          size:
                            description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                            minimum: 0
                            type: integer
                          subFailureDomain:
                            description: SubFailureDomain the name of the sub-failure domain
                            type: string
                          targetSizeRatio:
                            description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                            type: number
                        required:
                          - size
                        type: object
                      statusCheck:
                        description: The mirroring statusCheck
                        properties:
                          mirror:
                            description: HealthCheckSpec represents the health check of an object store bucket
                            nullable: true
                            properties:
                              disabled:
                                type: boolean
                              interval:
                                description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                                type: string
                              timeout:
                                type: string
                            type: object
                        type: object
                        x-kubernetes-preserve-unknown-fields: true
                    type: object
                  nullable: true
                  type: array
                metadataPool:
                  description: The metadata pool settings
                  nullable: true
                  properties:
                    compressionMode:
                      description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                      enum:
                        - none
                        - passive
                        - aggressive
                        - force
                        - ""
                      nullable: true
                      type: string
                    crushRoot:
                      description: The root of the crush hierarchy utilized by the pool
                      nullable: true
                      type: string
                    deviceClass:
                      description: The device class the OSD should set to for use in the pool
                      nullable: true
                      type: string
                    enableRBDStats:
                      description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                      type: boolean
                    erasureCoded:
                      description: The erasure code settings
                      properties:
                        algorithm:
                          description: The algorithm for erasure coding
                          type: string
                        codingChunks:
                          description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                          minimum: 0
                          type: integer
                        dataChunks:
                          description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                          minimum: 0
                          type: integer
                      required:
                        - codingChunks
                        - dataChunks
                      type: object
                    failureDomain:
                      description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                      type: string
                    mirroring:
                      description: The mirroring settings
                      properties:
                        enabled:
                          description: Enabled whether this pool is mirrored or not
                          type: boolean
                        mode:
                          description: 'Mode is the mirroring mode: either pool or image'
                          type: string
                        peers:
                          description: Peers represents the peers spec
                          nullable: true
                          properties:
                            secretNames:
                              description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                              items:
                                type: string
                              type: array
                          type: object
                        snapshotSchedules:
                          description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                          items:
                            description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                            properties:
                              interval:
                                description: Interval represent the periodicity of the snapshot.
                                type: string
                              path:
                                description: Path is the path to snapshot, only valid for CephFS
                                type: string
                              startTime:
                                description: StartTime indicates when to start the snapshot
                                type: string
                            type: object
                          type: array
                      type: object
                    parameters:
                      additionalProperties:
                        type: string
                      description: Parameters is a list of properties to enable on a given pool
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    quotas:
                      description: The quota settings
                      nullable: true
                      properties:
                        maxBytes:
                          description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                          format: int64
                          type: integer
                        maxObjects:
                          description: MaxObjects represents the quota in objects
                          format: int64
                          type: integer
                        maxSize:
                          description: MaxSize represents the quota in bytes as a string
                          pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                          type: string
                      type: object
                    replicated:
                      description: The replication settings
                      properties:
                        hybridStorage:
                          description: HybridStorage represents hybrid storage tier settings
                          nullable: true
                          properties:
                            primaryDeviceClass:
                              description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                              minLength: 1
                              type: string
                            secondaryDeviceClass:
                              description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                              minLength: 1
                              type: string
                          required:
                            - primaryDeviceClass
                            - secondaryDeviceClass
                          type: object
                        replicasPerFailureDomain:
                          description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                          minimum: 1
                          type: integer
                        requireSafeReplicaSize:
                          description: RequireSafeReplicaSize if false allows you to set replica 1
                          type: boolean
                        size:
                          description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                          minimum: 0
                          type: integer
                        subFailureDomain:
                          description: SubFailureDomain the name of the sub-failure domain
                          type: string
                        targetSizeRatio:
                          description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                          type: number
                      required:
                        - size
                      type: object
                    statusCheck:
                      description: The mirroring statusCheck
                      properties:
                        mirror:
                          description: HealthCheckSpec represents the health check of an object store bucket
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  type: object
                metadataServer:
                  description: The mds pod info
                  properties:
                    activeCount:
                      description: The number of metadata servers that are active. The remaining servers in the cluster will be in standby mode.
                      format: int32
                      maximum: 10
                      minimum: 1
                      type: integer
                    activeStandby:
                      description: Whether each active MDS instance will have an active standby with a warm metadata cache for faster failover. If false, standbys will still be available, but will not have a warm metadata cache.
                      type: boolean
                    annotations:
                      additionalProperties:
                        type: string
                      description: The annotations-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    labels:
                      additionalProperties:
                        type: string
                      description: The labels-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    livenessProbe:
                      description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                      properties:
                        disabled:
                          description: Disabled determines whether probe is disable or not
                          type: boolean
                        probe:
                          description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                          properties:
                            exec:
                              description: Exec specifies the action to take.
                              properties:
                                command:
                                  description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                  items:
                                    type: string
                                  type: array
                              type: object
                            failureThreshold:
                              description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                              format: int32
                              type: integer
                            grpc:
                              description: GRPC specifies an action involving a GRPC port.
                              properties:
                                port:
                                  description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                  format: int32
                                  type: integer
                                service:
                                  description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                  type: string
                              required:
                                - port
                              type: object
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
                                host:
                                  description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                  type: string
                                httpHeaders:
                                  description: Custom headers to set in the request. HTTP allows repeated headers.
                                  items:
                                    description: HTTPHeader describes a custom header to be used in HTTP probes
                                    properties:
                                      name:
                                        description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                      - name
                                      - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the host. Defaults to HTTP.
                                  type: string
                              required:
                                - port
                              type: object
                            initialDelaySeconds:
                              description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                            periodSeconds:
                              description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                              format: int32
                              type: integer
                            successThreshold:
                              description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                              format: int32
                              type: integer
                            tcpSocket:
                              description: TCPSocket specifies an action involving a TCP port.
                              properties:
                                host:
                                  description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                              required:
                                - port
                              type: object
                            terminationGracePeriodSeconds:
                              description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                              format: int64
                              type: integer
                            timeoutSeconds:
                              description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                          type: object
                      type: object
                    placement:
                      description: The affinity to place the mds pods (default is to place on all available node) with a daemonset
                      nullable: true
                      properties:
                        nodeAffinity:
                          description: NodeAffinity is a group of node affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                              items:
                                description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                                properties:
                                  preference:
                                    description: A node selector term, associated with the corresponding weight.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  weight:
                                    description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - preference
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                              properties:
                                nodeSelectorTerms:
                                  description: Required. A list of node selector terms. The terms are ORed.
                                  items:
                                    description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  type: array
                              required:
                                - nodeSelectorTerms
                              type: object
                              x-kubernetes-map-type: atomic
                          type: object
                        podAffinity:
                          description: PodAffinity is a group of inter pod affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        podAntiAffinity:
                          description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        tolerations:
                          description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                          items:
                            description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                            properties:
                              effect:
                                description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                                type: string
                              key:
                                description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                                type: string
                              operator:
                                description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                                type: string
                              tolerationSeconds:
                                description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                                format: int64
                                type: integer
                              value:
                                description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                                type: string
                            type: object
                          type: array
                        topologySpreadConstraints:
                          description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                          items:
                            description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                            properties:
                              labelSelector:
                                description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              matchLabelKeys:
                                description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                                items:
                                  type: string
                                type: array
                                x-kubernetes-list-type: atomic
                              maxSkew:
                                description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                                format: int32
                                type: integer
                              minDomains:
                                description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                                format: int32
                                type: integer
                              nodeAffinityPolicy:
                                description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              nodeTaintsPolicy:
                                description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              topologyKey:
                                description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                                type: string
                              whenUnsatisfiable:
                                description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                                type: string
                            required:
                              - maxSkew
                              - topologyKey
                              - whenUnsatisfiable
                            type: object
                          type: array
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    priorityClassName:
                      description: PriorityClassName sets priority classes on components
                      type: string
                    resources:
                      description: The resource requirements for the rgw pods
                      nullable: true
                      properties:
                        claims:
                          description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                          items:
                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                            properties:
                              name:
                                description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                type: string
                            required:
                              - name
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                            - name
                          x-kubernetes-list-type: map
                        limits:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                        requests:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    startupProbe:
                      description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                      properties:
                        disabled:
                          description: Disabled determines whether probe is disable or not
                          type: boolean
                        probe:
                          description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                          properties:
                            exec:
                              description: Exec specifies the action to take.
                              properties:
                                command:
                                  description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                  items:
                                    type: string
                                  type: array
                              type: object
                            failureThreshold:
                              description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                              format: int32
                              type: integer
                            grpc:
                              description: GRPC specifies an action involving a GRPC port.
                              properties:
                                port:
                                  description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                  format: int32
                                  type: integer
                                service:
                                  description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                  type: string
                              required:
                                - port
                              type: object
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
                                host:
                                  description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                  type: string
                                httpHeaders:
                                  description: Custom headers to set in the request. HTTP allows repeated headers.
                                  items:
                                    description: HTTPHeader describes a custom header to be used in HTTP probes
                                    properties:
                                      name:
                                        description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                      - name
                                      - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the host. Defaults to HTTP.
                                  type: string
                              required:
                                - port
                              type: object
                            initialDelaySeconds:
                              description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                            periodSeconds:
                              description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                              format: int32
                              type: integer
                            successThreshold:
                              description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                              format: int32
                              type: integer
                            tcpSocket:
                              description: TCPSocket specifies an action involving a TCP port.
                              properties:
                                host:
                                  description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                              required:
                                - port
                              type: object
                            terminationGracePeriodSeconds:
                              description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                              format: int64
                              type: integer
                            timeoutSeconds:
                              description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                          type: object
                      type: object
                  required:
                    - activeCount
                  type: object
                mirroring:
                  description: The mirroring settings
                  nullable: true
                  properties:
                    enabled:
                      description: Enabled whether this filesystem is mirrored or not
                      type: boolean
                    peers:
                      description: Peers represents the peers spec
                      nullable: true
                      properties:
                        secretNames:
                          description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                          items:
                            type: string
                          type: array
                      type: object
                    snapshotRetention:
                      description: Retention is the retention policy for a snapshot schedule One path has exactly one retention policy. A policy can however contain multiple count-time period pairs in order to specify complex retention policies
                      items:
                        description: SnapshotScheduleRetentionSpec is a retention policy
                        properties:
                          duration:
                            description: Duration represents the retention duration for a snapshot
                            type: string
                          path:
                            description: Path is the path to snapshot
                            type: string
                        type: object
                      type: array
                    snapshotSchedules:
                      description: SnapshotSchedules is the scheduling of snapshot for mirrored filesystems
                      items:
                        description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                        properties:
                          interval:
                            description: Interval represent the periodicity of the snapshot.
                            type: string
                          path:
                            description: Path is the path to snapshot, only valid for CephFS
                            type: string
                          startTime:
                            description: StartTime indicates when to start the snapshot
                            type: string
                        type: object
                      type: array
                  type: object
                preserveFilesystemOnDelete:
                  description: Preserve the fs in the cluster on CephFilesystem CR deletion. Setting this to true automatically implies PreservePoolsOnDelete is true.
                  type: boolean
                preservePoolsOnDelete:
                  description: Preserve pools on filesystem deletion
                  type: boolean
                statusCheck:
                  description: The mirroring statusCheck
                  properties:
                    mirror:
                      description: HealthCheckSpec represents the health check of an object store bucket
                      nullable: true
                      properties:
                        disabled:
                          type: boolean
                        interval:
                          description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                          type: string
                        timeout:
                          type: string
                      type: object
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
              required:
                - dataPools
                - metadataPool
                - metadataServer
              type: object
            status:
              description: CephFilesystemStatus represents the status of a Ceph Filesystem
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                info:
                  additionalProperties:
                    type: string
                  description: Use only info and put mirroringStatus in it?
                  nullable: true
                  type: object
                mirroringStatus:
                  description: MirroringStatus is the filesystem mirroring status
                  properties:
                    daemonsStatus:
                      description: PoolMirroringStatus is the mirroring status of a filesystem
                      items:
                        description: FilesystemMirrorInfoSpec is the filesystem mirror status of a given filesystem
                        properties:
                          daemon_id:
                            description: DaemonID is the cephfs-mirror name
                            type: integer
                          filesystems:
                            description: Filesystems is the list of filesystems managed by a given cephfs-mirror daemon
                            items:
                              description: FilesystemsSpec is spec for the mirrored filesystem
                              properties:
                                directory_count:
                                  description: DirectoryCount is the number of directories in the filesystem
                                  type: integer
                                filesystem_id:
                                  description: FilesystemID is the filesystem identifier
                                  type: integer
                                name:
                                  description: Name is name of the filesystem
                                  type: string
                                peers:
                                  description: Peers represents the mirroring peers
                                  items:
                                    description: FilesystemMirrorInfoPeerSpec is the specification of a filesystem peer mirror
                                    properties:
                                      remote:
                                        description: Remote are the remote cluster information
                                        properties:
                                          client_name:
                                            description: ClientName is cephx name
                                            type: string
                                          cluster_name:
                                            description: ClusterName is the name of the cluster
                                            type: string
                                          fs_name:
                                            description: FsName is the filesystem name
                                            type: string
                                        type: object
                                      stats:
                                        description: Stats are the stat a peer mirror
                                        properties:
                                          failure_count:
                                            description: FailureCount is the number of mirroring failure
                                            type: integer
                                          recovery_count:
                                            description: RecoveryCount is the number of recovery attempted after failures
                                            type: integer
                                        type: object
                                      uuid:
                                        description: UUID is the peer unique identifier
                                        type: string
                                    type: object
                                  type: array
                              type: object
                            type: array
                        type: object
                      nullable: true
                      type: array
                    details:
                      description: Details contains potential status errors
                      type: string
                    lastChanged:
                      description: LastChanged is the last time time the status last changed
                      type: string
                    lastChecked:
                      description: LastChecked is the last time time the status was checked
                      type: string
                  type: object
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
                snapshotScheduleStatus:
                  description: FilesystemSnapshotScheduleStatusSpec is the status of the snapshot schedule
                  properties:
                    details:
                      description: Details contains potential status errors
                      type: string
                    lastChanged:
                      description: LastChanged is the last time time the status last changed
                      type: string
                    lastChecked:
                      description: LastChecked is the last time time the status was checked
                      type: string
                    snapshotSchedules:
                      description: SnapshotSchedules is the list of snapshots scheduled
                      items:
                        description: FilesystemSnapshotSchedulesSpec is the list of snapshot scheduled for images in a pool
                        properties:
                          fs:
                            description: Fs is the name of the Ceph Filesystem
                            type: string
                          path:
                            description: Path is the path on the filesystem
                            type: string
                          rel_path:
                            type: string
                          retention:
                            description: FilesystemSnapshotScheduleStatusRetention is the retention specification for a filesystem snapshot schedule
                            properties:
                              active:
                                description: Active is whether the scheduled is active or not
                                type: boolean
                              created:
                                description: Created is when the snapshot schedule was created
                                type: string
                              created_count:
                                description: CreatedCount is total amount of snapshots
                                type: integer
                              first:
                                description: First is when the first snapshot schedule was taken
                                type: string
                              last:
                                description: Last is when the last snapshot schedule was taken
                                type: string
                              last_pruned:
                                description: LastPruned is when the last snapshot schedule was pruned
                                type: string
                              pruned_count:
                                description: PrunedCount is total amount of pruned snapshots
                                type: integer
                              start:
                                description: Start is when the snapshot schedule starts
                                type: string
                            type: object
                          schedule:
                            type: string
                          subvol:
                            description: Subvol is the name of the sub volume
                            type: string
                        type: object
                      nullable: true
                      type: array
                  type: object
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephfilesystemsubvolumegroups.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephFilesystemSubVolumeGroup
    listKind: CephFilesystemSubVolumeGroupList
    plural: cephfilesystemsubvolumegroups
    singular: cephfilesystemsubvolumegroup
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephFilesystemSubVolumeGroup represents a Ceph Filesystem SubVolumeGroup
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: Spec represents the specification of a Ceph Filesystem SubVolumeGroup
              properties:
                filesystemName:
                  description: FilesystemName is the name of Ceph Filesystem SubVolumeGroup volume name. Typically it's the name of the CephFilesystem CR. If not coming from the CephFilesystem CR, it can be retrieved from the list of Ceph Filesystem volumes with `ceph fs volume ls`. To learn more about Ceph Filesystem abstractions see https://docs.ceph.com/en/latest/cephfs/fs-volumes/#fs-volumes-and-subvolumes
                  type: string
              required:
                - filesystemName
              type: object
            status:
              description: Status represents the status of a CephFilesystem SubvolumeGroup
              properties:
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephnfses.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephNFS
    listKind: CephNFSList
    plural: cephnfses
    shortNames:
      - nfs
    singular: cephnfs
  scope: Namespaced
  versions:
    - name: v1
      schema:
        openAPIV3Schema:
          description: CephNFS represents a Ceph NFS
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: NFSGaneshaSpec represents the spec of an nfs ganesha server
              properties:
                rados:
                  description: RADOS is the Ganesha RADOS specification
                  nullable: true
                  properties:
                    namespace:
                      description: The namespace inside the Ceph pool (set by 'pool') where shared NFS-Ganesha config is stored. This setting is required for Ceph v15 and ignored for Ceph v16. As of Ceph Pacific v16+, this is internally set to the name of the CephNFS.
                      type: string
                    pool:
                      description: The Ceph pool used store the shared configuration for NFS-Ganesha daemons. This setting is required for Ceph v15 and ignored for Ceph v16. As of Ceph Pacific 16.2.7+, this is internally hardcoded to ".nfs".
                      type: string
                  type: object
                security:
                  description: Security allows specifying security configurations for the NFS cluster
                  nullable: true
                  properties:
                    kerberos:
                      description: Kerberos configures NFS-Ganesha to secure NFS client connections with Kerberos.
                      nullable: true
                      properties:
                        configFiles:
                          description: "ConfigFiles defines where the Kerberos configuration should be sourced from. Config files will be placed into the `/etc/krb5.conf.rook/` directory. \n If this is left empty, Rook will not add any files. This allows you to manage the files yourself however you wish. For example, you may build them into your custom Ceph container image or use the Vault agent injector to securely add the files via annotations on the CephNFS spec (passed to the NFS server pods). \n Rook configures Kerberos to log to stderr. We suggest removing logging sections from config files to avoid consuming unnecessary disk space from logging to files."
                          properties:
                            volumeSource:
                              description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for Kerberos configuration files like what is normally used to configure Volumes for a Pod. For example, a ConfigMap, Secret, or HostPath. The volume may contain multiple files, all of which will be loaded.
                              properties:
                                configMap:
                                  description: configMap represents a configMap that should populate this volume
                                  properties:
                                    defaultMode:
                                      description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                      format: int32
                                      type: integer
                                    items:
                                      description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                      items:
                                        description: Maps a string key to a path within a volume.
                                        properties:
                                          key:
                                            description: key is the key to project.
                                            type: string
                                          mode:
                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          path:
                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                            type: string
                                        required:
                                          - key
                                          - path
                                        type: object
                                      type: array
                                    name:
                                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                      type: string
                                    optional:
                                      description: optional specify whether the ConfigMap or its keys must be defined
                                      type: boolean
                                  type: object
                                  x-kubernetes-map-type: atomic
                                emptyDir:
                                  description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                  properties:
                                    medium:
                                      description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                      type: string
                                    sizeLimit:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                  type: object
                                hostPath:
                                  description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath ---'
                                  properties:
                                    path:
                                      description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                      type: string
                                    type:
                                      description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                      type: string
                                  required:
                                    - path
                                  type: object
                                persistentVolumeClaim:
                                  description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    claimName:
                                      description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                      type: string
                                    readOnly:
                                      description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
                                      type: boolean
                                  required:
                                    - claimName
                                  type: object
                                projected:
                                  description: projected items for all in one resources secrets, configmaps, and downward API
                                  properties:
                                    defaultMode:
                                      description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                                      format: int32
                                      type: integer
                                    sources:
                                      description: sources is the list of volume projections
                                      items:
                                        description: Projection that may be projected along with other supported volume types
                                        properties:
                                          configMap:
                                            description: configMap information about the configMap data to project
                                            properties:
                                              items:
                                                description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                items:
                                                  description: Maps a string key to a path within a volume.
                                                  properties:
                                                    key:
                                                      description: key is the key to project.
                                                      type: string
                                                    mode:
                                                      description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                      type: string
                                                  required:
                                                    - key
                                                    - path
                                                  type: object
                                                type: array
                                              name:
                                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                type: string
                                              optional:
                                                description: optional specify whether the ConfigMap or its keys must be defined
                                                type: boolean
                                            type: object
                                            x-kubernetes-map-type: atomic
                                          downwardAPI:
                                            description: downwardAPI information about the downwardAPI data to project
                                            properties:
                                              items:
                                                description: Items is a list of DownwardAPIVolume file
                                                items:
                                                  description: DownwardAPIVolumeFile represents information to create the file containing the pod field
                                                  properties:
                                                    fieldRef:
                                                      description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
                                                      properties:
                                                        apiVersion:
                                                          description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
                                                          type: string
                                                        fieldPath:
                                                          description: Path of the field to select in the specified API version.
                                                          type: string
                                                      required:
                                                        - fieldPath
                                                      type: object
                                                      x-kubernetes-map-type: atomic
                                                    mode:
                                                      description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: 'Required: Path is  the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
                                                      type: string
                                                    resourceFieldRef:
                                                      description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
                                                      properties:
                                                        containerName:
                                                          description: 'Container name: required for volumes, optional for env vars'
                                                          type: string
                                                        divisor:
                                                          anyOf:
                                                            - type: integer
                                                            - type: string
                                                          description: Specifies the output format of the exposed resources, defaults to "1"
                                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                                          x-kubernetes-int-or-string: true
                                                        resource:
                                                          description: 'Required: resource to select'
                                                          type: string
                                                      required:
                                                        - resource
                                                      type: object
                                                      x-kubernetes-map-type: atomic
                                                  required:
                                                    - path
                                                  type: object
                                                type: array
                                            type: object
                                          secret:
                                            description: secret information about the secret data to project
                                            properties:
                                              items:
                                                description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                items:
                                                  description: Maps a string key to a path within a volume.
                                                  properties:
                                                    key:
                                                      description: key is the key to project.
                                                      type: string
                                                    mode:
                                                      description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                      type: string
                                                  required:
                                                    - key
                                                    - path
                                                  type: object
                                                type: array
                                              name:
                                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                type: string
                                              optional:
                                                description: optional field specify whether the Secret or its key must be defined
                                                type: boolean
                                            type: object
                                            x-kubernetes-map-type: atomic
                                          serviceAccountToken:
                                            description: serviceAccountToken is information about the serviceAccountToken data to project
                                            properties:
                                              audience:
                                                description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
                                                type: string
                                              expirationSeconds:
                                                description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
                                                format: int64
                                                type: integer
                                              path:
                                                description: path is the path relative to the mount point of the file to project the token into.
                                                type: string
                                            required:
                                              - path
                                            type: object
                                        type: object
                                      type: array
                                  type: object
                                secret:
                                  description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                  properties:
                                    defaultMode:
                                      description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                      format: int32
                                      type: integer
                                    items:
                                      description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                      items:
                                        description: Maps a string key to a path within a volume.
                                        properties:
                                          key:
                                            description: key is the key to project.
                                            type: string
                                          mode:
                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          path:
                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                            type: string
                                        required:
                                          - key
                                          - path
                                        type: object
                                      type: array
                                    optional:
                                      description: optional field specify whether the Secret or its keys must be defined
                                      type: boolean
                                    secretName:
                                      description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                      type: string
                                  type: object
                              type: object
                          type: object
                        domainName:
                          description: DomainName should be set to the Kerberos Realm.
                          type: string
                        keytabFile:
                          description: KeytabFile defines where the Kerberos keytab should be sourced from. The keytab file will be placed into `/etc/krb5.keytab`. If this is left empty, Rook will not add the file. This allows you to manage the `krb5.keytab` file yourself however you wish. For example, you may build it into your custom Ceph container image or use the Vault agent injector to securely add the file via annotations on the CephNFS spec (passed to the NFS server pods).
                          properties:
                            volumeSource:
                              description: 'VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the Kerberos keytab file like what is normally used to configure Volumes for a Pod. For example, a Secret or HostPath. There are two requirements for the source''s content: 1. The config file must be mountable via `subPath: krb5.keytab`. For example, in a Secret, the data item must be named `krb5.keytab`, or `items` must be defined to select the key and give it path `krb5.keytab`. A HostPath directory must have the `krb5.keytab` file. 2. The volume or config file must have mode 0600.'
                              properties:
                                configMap:
                                  description: configMap represents a configMap that should populate this volume
                                  properties:
                                    defaultMode:
                                      description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                      format: int32
                                      type: integer
                                    items:
                                      description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                      items:
                                        description: Maps a string key to a path within a volume.
                                        properties:
                                          key:
                                            description: key is the key to project.
                                            type: string
                                          mode:
                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          path:
                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                            type: string
                                        required:
                                          - key
                                          - path
                                        type: object
                                      type: array
                                    name:
                                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                      type: string
                                    optional:
                                      description: optional specify whether the ConfigMap or its keys must be defined
                                      type: boolean
                                  type: object
                                  x-kubernetes-map-type: atomic
                                emptyDir:
                                  description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                  properties:
                                    medium:
                                      description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                      type: string
                                    sizeLimit:
                                      anyOf:
                                        - type: integer
                                        - type: string
                                      description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                      x-kubernetes-int-or-string: true
                                  type: object
                                hostPath:
                                  description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath ---'
                                  properties:
                                    path:
                                      description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                      type: string
                                    type:
                                      description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                      type: string
                                  required:
                                    - path
                                  type: object
                                persistentVolumeClaim:
                                  description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                  properties:
                                    claimName:
                                      description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                      type: string
                                    readOnly:
                                      description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
                                      type: boolean
                                  required:
                                    - claimName
                                  type: object
                                projected:
                                  description: projected items for all in one resources secrets, configmaps, and downward API
                                  properties:
                                    defaultMode:
                                      description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                                      format: int32
                                      type: integer
                                    sources:
                                      description: sources is the list of volume projections
                                      items:
                                        description: Projection that may be projected along with other supported volume types
                                        properties:
                                          configMap:
                                            description: configMap information about the configMap data to project
                                            properties:
                                              items:
                                                description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                items:
                                                  description: Maps a string key to a path within a volume.
                                                  properties:
                                                    key:
                                                      description: key is the key to project.
                                                      type: string
                                                    mode:
                                                      description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                      type: string
                                                  required:
                                                    - key
                                                    - path
                                                  type: object
                                                type: array
                                              name:
                                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                type: string
                                              optional:
                                                description: optional specify whether the ConfigMap or its keys must be defined
                                                type: boolean
                                            type: object
                                            x-kubernetes-map-type: atomic
                                          downwardAPI:
                                            description: downwardAPI information about the downwardAPI data to project
                                            properties:
                                              items:
                                                description: Items is a list of DownwardAPIVolume file
                                                items:
                                                  description: DownwardAPIVolumeFile represents information to create the file containing the pod field
                                                  properties:
                                                    fieldRef:
                                                      description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
                                                      properties:
                                                        apiVersion:
                                                          description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
                                                          type: string
                                                        fieldPath:
                                                          description: Path of the field to select in the specified API version.
                                                          type: string
                                                      required:
                                                        - fieldPath
                                                      type: object
                                                      x-kubernetes-map-type: atomic
                                                    mode:
                                                      description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: 'Required: Path is  the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
                                                      type: string
                                                    resourceFieldRef:
                                                      description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
                                                      properties:
                                                        containerName:
                                                          description: 'Container name: required for volumes, optional for env vars'
                                                          type: string
                                                        divisor:
                                                          anyOf:
                                                            - type: integer
                                                            - type: string
                                                          description: Specifies the output format of the exposed resources, defaults to "1"
                                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                                          x-kubernetes-int-or-string: true
                                                        resource:
                                                          description: 'Required: resource to select'
                                                          type: string
                                                      required:
                                                        - resource
                                                      type: object
                                                      x-kubernetes-map-type: atomic
                                                  required:
                                                    - path
                                                  type: object
                                                type: array
                                            type: object
                                          secret:
                                            description: secret information about the secret data to project
                                            properties:
                                              items:
                                                description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                items:
                                                  description: Maps a string key to a path within a volume.
                                                  properties:
                                                    key:
                                                      description: key is the key to project.
                                                      type: string
                                                    mode:
                                                      description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                      format: int32
                                                      type: integer
                                                    path:
                                                      description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                      type: string
                                                  required:
                                                    - key
                                                    - path
                                                  type: object
                                                type: array
                                              name:
                                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                type: string
                                              optional:
                                                description: optional field specify whether the Secret or its key must be defined
                                                type: boolean
                                            type: object
                                            x-kubernetes-map-type: atomic
                                          serviceAccountToken:
                                            description: serviceAccountToken is information about the serviceAccountToken data to project
                                            properties:
                                              audience:
                                                description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
                                                type: string
                                              expirationSeconds:
                                                description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
                                                format: int64
                                                type: integer
                                              path:
                                                description: path is the path relative to the mount point of the file to project the token into.
                                                type: string
                                            required:
                                              - path
                                            type: object
                                        type: object
                                      type: array
                                  type: object
                                secret:
                                  description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                  properties:
                                    defaultMode:
                                      description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                      format: int32
                                      type: integer
                                    items:
                                      description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                      items:
                                        description: Maps a string key to a path within a volume.
                                        properties:
                                          key:
                                            description: key is the key to project.
                                            type: string
                                          mode:
                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          path:
                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                            type: string
                                        required:
                                          - key
                                          - path
                                        type: object
                                      type: array
                                    optional:
                                      description: optional field specify whether the Secret or its keys must be defined
                                      type: boolean
                                    secretName:
                                      description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                      type: string
                                  type: object
                              type: object
                          type: object
                        principalName:
                          default: nfs
                          description: 'PrincipalName corresponds directly to NFS-Ganesha''s NFS_KRB5:PrincipalName config. In practice, this is the service prefix of the principal name. The default is "nfs". This value is combined with (a) the namespace and name of the CephNFS (with a hyphen between) and (b) the Realm configured in the user-provided krb5.conf to determine the full principal name: <principalName>/<namespace>-<name>@<realm>. e.g., nfs/rook-ceph-my-nfs@example.net. See https://github.com/nfs-ganesha/nfs-ganesha/wiki/RPCSEC_GSS for more detail.'
                          type: string
                      type: object
                    sssd:
                      description: SSSD enables integration with System Security Services Daemon (SSSD). SSSD can be used to provide user ID mapping from a number of sources. See https://sssd.io for more information about the SSSD project.
                      nullable: true
                      properties:
                        sidecar:
                          description: Sidecar tells Rook to run SSSD in a sidecar alongside the NFS-Ganesha server in each NFS pod.
                          properties:
                            additionalFiles:
                              description: AdditionalFiles defines any number of additional files that should be mounted into the SSSD sidecar. These files may be referenced by the sssd.conf config file.
                              items:
                                description: SSSDSidecarAdditionalFile represents the source from where additional files for the the SSSD configuration should come from and are made available.
                                properties:
                                  subPath:
                                    description: SubPath defines the sub-path in `/etc/sssd/rook-additional/` where the additional file(s) will be placed. Each subPath definition must be unique and must not contain ':'.
                                    minLength: 1
                                    pattern: ^[^:]+$
                                    type: string
                                  volumeSource:
                                    description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the additional file(s) like what is normally used to configure Volumes for a Pod. Fore example, a ConfigMap, Secret, or HostPath. Each VolumeSource adds one or more additional files to the SSSD sidecar container in the `/etc/sssd/rook-additional/<subPath>` directory. Be aware that some files may need to have a specific file mode like 0600 due to requirements by SSSD for some files. For example, CA or TLS certificates.
                                    properties:
                                      configMap:
                                        description: configMap represents a configMap that should populate this volume
                                        properties:
                                          defaultMode:
                                            description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          items:
                                            description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                            items:
                                              description: Maps a string key to a path within a volume.
                                              properties:
                                                key:
                                                  description: key is the key to project.
                                                  type: string
                                                mode:
                                                  description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                  format: int32
                                                  type: integer
                                                path:
                                                  description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                  type: string
                                              required:
                                                - key
                                                - path
                                              type: object
                                            type: array
                                          name:
                                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                            type: string
                                          optional:
                                            description: optional specify whether the ConfigMap or its keys must be defined
                                            type: boolean
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      emptyDir:
                                        description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                        properties:
                                          medium:
                                            description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                            type: string
                                          sizeLimit:
                                            anyOf:
                                              - type: integer
                                              - type: string
                                            description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                            x-kubernetes-int-or-string: true
                                        type: object
                                      hostPath:
                                        description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath ---'
                                        properties:
                                          path:
                                            description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                            type: string
                                          type:
                                            description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                            type: string
                                        required:
                                          - path
                                        type: object
                                      persistentVolumeClaim:
                                        description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                        properties:
                                          claimName:
                                            description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                            type: string
                                          readOnly:
                                            description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
                                            type: boolean
                                        required:
                                          - claimName
                                        type: object
                                      projected:
                                        description: projected items for all in one resources secrets, configmaps, and downward API
                                        properties:
                                          defaultMode:
                                            description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                                            format: int32
                                            type: integer
                                          sources:
                                            description: sources is the list of volume projections
                                            items:
                                              description: Projection that may be projected along with other supported volume types
                                              properties:
                                                configMap:
                                                  description: configMap information about the configMap data to project
                                                  properties:
                                                    items:
                                                      description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                      items:
                                                        description: Maps a string key to a path within a volume.
                                                        properties:
                                                          key:
                                                            description: key is the key to project.
                                                            type: string
                                                          mode:
                                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                            format: int32
                                                            type: integer
                                                          path:
                                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                            type: string
                                                        required:
                                                          - key
                                                          - path
                                                        type: object
                                                      type: array
                                                    name:
                                                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                      type: string
                                                    optional:
                                                      description: optional specify whether the ConfigMap or its keys must be defined
                                                      type: boolean
                                                  type: object
                                                  x-kubernetes-map-type: atomic
                                                downwardAPI:
                                                  description: downwardAPI information about the downwardAPI data to project
                                                  properties:
                                                    items:
                                                      description: Items is a list of DownwardAPIVolume file
                                                      items:
                                                        description: DownwardAPIVolumeFile represents information to create the file containing the pod field
                                                        properties:
                                                          fieldRef:
                                                            description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
                                                            properties:
                                                              apiVersion:
                                                                description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
                                                                type: string
                                                              fieldPath:
                                                                description: Path of the field to select in the specified API version.
                                                                type: string
                                                            required:
                                                              - fieldPath
                                                            type: object
                                                            x-kubernetes-map-type: atomic
                                                          mode:
                                                            description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                            format: int32
                                                            type: integer
                                                          path:
                                                            description: 'Required: Path is  the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
                                                            type: string
                                                          resourceFieldRef:
                                                            description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
                                                            properties:
                                                              containerName:
                                                                description: 'Container name: required for volumes, optional for env vars'
                                                                type: string
                                                              divisor:
                                                                anyOf:
                                                                  - type: integer
                                                                  - type: string
                                                                description: Specifies the output format of the exposed resources, defaults to "1"
                                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                                                x-kubernetes-int-or-string: true
                                                              resource:
                                                                description: 'Required: resource to select'
                                                                type: string
                                                            required:
                                                              - resource
                                                            type: object
                                                            x-kubernetes-map-type: atomic
                                                        required:
                                                          - path
                                                        type: object
                                                      type: array
                                                  type: object
                                                secret:
                                                  description: secret information about the secret data to project
                                                  properties:
                                                    items:
                                                      description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                      items:
                                                        description: Maps a string key to a path within a volume.
                                                        properties:
                                                          key:
                                                            description: key is the key to project.
                                                            type: string
                                                          mode:
                                                            description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                            format: int32
                                                            type: integer
                                                          path:
                                                            description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                            type: string
                                                        required:
                                                          - key
                                                          - path
                                                        type: object
                                                      type: array
                                                    name:
                                                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                      type: string
                                                    optional:
                                                      description: optional field specify whether the Secret or its key must be defined
                                                      type: boolean
                                                  type: object
                                                  x-kubernetes-map-type: atomic
                                                serviceAccountToken:
                                                  description: serviceAccountToken is information about the serviceAccountToken data to project
                                                  properties:
                                                    audience:
                                                      description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
                                                      type: string
                                                    expirationSeconds:
                                                      description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
                                                      format: int64
                                                      type: integer
                                                    path:
                                                      description: path is the path relative to the mount point of the file to project the token into.
                                                      type: string
                                                  required:
                                                    - path
                                                  type: object
                                              type: object
                                            type: array
                                        type: object
                                      secret:
                                        description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                        properties:
                                          defaultMode:
                                            description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                            format: int32
                                            type: integer
                                          items:
                                            description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                            items:
                                              description: Maps a string key to a path within a volume.
                                              properties:
                                                key:
                                                  description: key is the key to project.
                                                  type: string
                                                mode:
                                                  description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                  format: int32
                                                  type: integer
                                                path:
                                                  description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                  type: string
                                              required:
                                                - key
                                                - path
                                              type: object
                                            type: array
                                          optional:
                                            description: optional field specify whether the Secret or its keys must be defined
                                            type: boolean
                                          secretName:
                                            description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                            type: string
                                        type: object
                                    type: object
                                required:
                                  - subPath
                                  - volumeSource
                                type: object
                              type: array
                            debugLevel:
                              description: 'DebugLevel sets the debug level for SSSD. If unset or set to 0, Rook does nothing. Otherwise, this may be a value between 1 and 10. See SSSD docs for more info: https://sssd.io/troubleshooting/basics.html#sssd-debug-logs'
                              maximum: 10
                              minimum: 0
                              type: integer
                            image:
                              description: Image defines the container image that should be used for the SSSD sidecar.
                              minLength: 1
                              type: string
                            resources:
                              description: Resources allow specifying resource requests/limits on the SSSD sidecar container.
                              properties:
                                claims:
                                  description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                                  items:
                                    description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                                    properties:
                                      name:
                                        description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                        type: string
                                    required:
                                      - name
                                    type: object
                                  type: array
                                  x-kubernetes-list-map-keys:
                                    - name
                                  x-kubernetes-list-type: map
                                limits:
                                  additionalProperties:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                    x-kubernetes-int-or-string: true
                                  description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                  type: object
                                requests:
                                  additionalProperties:
                                    anyOf:
                                      - type: integer
                                      - type: string
                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                    x-kubernetes-int-or-string: true
                                  description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                                  type: object
                              type: object
                            sssdConfigFile:
                              description: SSSDConfigFile defines where the SSSD configuration should be sourced from. The config file will be placed into `/etc/sssd/sssd.conf`. If this is left empty, Rook will not add the file. This allows you to manage the `sssd.conf` file yourself however you wish. For example, you may build it into your custom Ceph container image or use the Vault agent injector to securely add the file via annotations on the CephNFS spec (passed to the NFS server pods).
                              properties:
                                volumeSource:
                                  description: 'VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the SSSD configuration file like what is normally used to configure Volumes for a Pod. For example, a ConfigMap, Secret, or HostPath. There are two requirements for the source''s content: 1. The config file must be mountable via `subPath: sssd.conf`. For example, in a ConfigMap, the data item must be named `sssd.conf`, or `items` must be defined to select the key and give it path `sssd.conf`. A HostPath directory must have the `sssd.conf` file. 2. The volume or config file must have mode 0600.'
                                  properties:
                                    configMap:
                                      description: configMap represents a configMap that should populate this volume
                                      properties:
                                        defaultMode:
                                          description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                          format: int32
                                          type: integer
                                        items:
                                          description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                          items:
                                            description: Maps a string key to a path within a volume.
                                            properties:
                                              key:
                                                description: key is the key to project.
                                                type: string
                                              mode:
                                                description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                format: int32
                                                type: integer
                                              path:
                                                description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                type: string
                                            required:
                                              - key
                                              - path
                                            type: object
                                          type: array
                                        name:
                                          description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                          type: string
                                        optional:
                                          description: optional specify whether the ConfigMap or its keys must be defined
                                          type: boolean
                                      type: object
                                      x-kubernetes-map-type: atomic
                                    emptyDir:
                                      description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                      properties:
                                        medium:
                                          description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                          type: string
                                        sizeLimit:
                                          anyOf:
                                            - type: integer
                                            - type: string
                                          description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                          x-kubernetes-int-or-string: true
                                      type: object
                                    hostPath:
                                      description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath ---'
                                      properties:
                                        path:
                                          description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                          type: string
                                        type:
                                          description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
                                          type: string
                                      required:
                                        - path
                                      type: object
                                    persistentVolumeClaim:
                                      description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                      properties:
                                        claimName:
                                          description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
                                          type: string
                                        readOnly:
                                          description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
                                          type: boolean
                                      required:
                                        - claimName
                                      type: object
                                    projected:
                                      description: projected items for all in one resources secrets, configmaps, and downward API
                                      properties:
                                        defaultMode:
                                          description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
                                          format: int32
                                          type: integer
                                        sources:
                                          description: sources is the list of volume projections
                                          items:
                                            description: Projection that may be projected along with other supported volume types
                                            properties:
                                              configMap:
                                                description: configMap information about the configMap data to project
                                                properties:
                                                  items:
                                                    description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                    items:
                                                      description: Maps a string key to a path within a volume.
                                                      properties:
                                                        key:
                                                          description: key is the key to project.
                                                          type: string
                                                        mode:
                                                          description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                          format: int32
                                                          type: integer
                                                        path:
                                                          description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                          type: string
                                                      required:
                                                        - key
                                                        - path
                                                      type: object
                                                    type: array
                                                  name:
                                                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                    type: string
                                                  optional:
                                                    description: optional specify whether the ConfigMap or its keys must be defined
                                                    type: boolean
                                                type: object
                                                x-kubernetes-map-type: atomic
                                              downwardAPI:
                                                description: downwardAPI information about the downwardAPI data to project
                                                properties:
                                                  items:
                                                    description: Items is a list of DownwardAPIVolume file
                                                    items:
                                                      description: DownwardAPIVolumeFile represents information to create the file containing the pod field
                                                      properties:
                                                        fieldRef:
                                                          description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
                                                          properties:
                                                            apiVersion:
                                                              description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
                                                              type: string
                                                            fieldPath:
                                                              description: Path of the field to select in the specified API version.
                                                              type: string
                                                          required:
                                                            - fieldPath
                                                          type: object
                                                          x-kubernetes-map-type: atomic
                                                        mode:
                                                          description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                          format: int32
                                                          type: integer
                                                        path:
                                                          description: 'Required: Path is  the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
                                                          type: string
                                                        resourceFieldRef:
                                                          description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
                                                          properties:
                                                            containerName:
                                                              description: 'Container name: required for volumes, optional for env vars'
                                                              type: string
                                                            divisor:
                                                              anyOf:
                                                                - type: integer
                                                                - type: string
                                                              description: Specifies the output format of the exposed resources, defaults to "1"
                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                                              x-kubernetes-int-or-string: true
                                                            resource:
                                                              description: 'Required: resource to select'
                                                              type: string
                                                          required:
                                                            - resource
                                                          type: object
                                                          x-kubernetes-map-type: atomic
                                                      required:
                                                        - path
                                                      type: object
                                                    type: array
                                                type: object
                                              secret:
                                                description: secret information about the secret data to project
                                                properties:
                                                  items:
                                                    description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                                    items:
                                                      description: Maps a string key to a path within a volume.
                                                      properties:
                                                        key:
                                                          description: key is the key to project.
                                                          type: string
                                                        mode:
                                                          description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                          format: int32
                                                          type: integer
                                                        path:
                                                          description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                          type: string
                                                      required:
                                                        - key
                                                        - path
                                                      type: object
                                                    type: array
                                                  name:
                                                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                                                    type: string
                                                  optional:
                                                    description: optional field specify whether the Secret or its key must be defined
                                                    type: boolean
                                                type: object
                                                x-kubernetes-map-type: atomic
                                              serviceAccountToken:
                                                description: serviceAccountToken is information about the serviceAccountToken data to project
                                                properties:
                                                  audience:
                                                    description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
                                                    type: string
                                                  expirationSeconds:
                                                    description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
                                                    format: int64
                                                    type: integer
                                                  path:
                                                    description: path is the path relative to the mount point of the file to project the token into.
                                                    type: string
                                                required:
                                                  - path
                                                type: object
                                            type: object
                                          type: array
                                      type: object
                                    secret:
                                      description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                      properties:
                                        defaultMode:
                                          description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                          format: int32
                                          type: integer
                                        items:
                                          description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
                                          items:
                                            description: Maps a string key to a path within a volume.
                                            properties:
                                              key:
                                                description: key is the key to project.
                                                type: string
                                              mode:
                                                description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
                                                format: int32
                                                type: integer
                                              path:
                                                description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
                                                type: string
                                            required:
                                              - key
                                              - path
                                            type: object
                                          type: array
                                        optional:
                                          description: optional field specify whether the Secret or its keys must be defined
                                          type: boolean
                                        secretName:
                                          description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
                                          type: string
                                      type: object
                                  type: object
                              type: object
                          required:
                            - image
                          type: object
                      type: object
                  type: object
                server:
                  description: Server is the Ganesha Server specification
                  properties:
                    active:
                      description: The number of active Ganesha servers
                      type: integer
                    annotations:
                      additionalProperties:
                        type: string
                      description: The annotations-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    hostNetwork:
                      description: Whether host networking is enabled for the Ganesha server. If not set, the network settings from the cluster CR will be applied.
                      nullable: true
                      type: boolean
                    labels:
                      additionalProperties:
                        type: string
                      description: The labels-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    logLevel:
                      description: LogLevel set logging level
                      type: string
                    placement:
                      description: The affinity to place the ganesha pods
                      nullable: true
                      properties:
                        nodeAffinity:
                          description: NodeAffinity is a group of node affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                              items:
                                description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                                properties:
                                  preference:
                                    description: A node selector term, associated with the corresponding weight.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  weight:
                                    description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - preference
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                              properties:
                                nodeSelectorTerms:
                                  description: Required. A list of node selector terms. The terms are ORed.
                                  items:
                                    description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  type: array
                              required:
                                - nodeSelectorTerms
                              type: object
                              x-kubernetes-map-type: atomic
                          type: object
                        podAffinity:
                          description: PodAffinity is a group of inter pod affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        podAntiAffinity:
                          description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        tolerations:
                          description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                          items:
                            description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                            properties:
                              effect:
                                description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                                type: string
                              key:
                                description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                                type: string
                              operator:
                                description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                                type: string
                              tolerationSeconds:
                                description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                                format: int64
                                type: integer
                              value:
                                description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                                type: string
                            type: object
                          type: array
                        topologySpreadConstraints:
                          description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                          items:
                            description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                            properties:
                              labelSelector:
                                description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              matchLabelKeys:
                                description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                                items:
                                  type: string
                                type: array
                                x-kubernetes-list-type: atomic
                              maxSkew:
                                description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                                format: int32
                                type: integer
                              minDomains:
                                description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                                format: int32
                                type: integer
                              nodeAffinityPolicy:
                                description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              nodeTaintsPolicy:
                                description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              topologyKey:
                                description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                                type: string
                              whenUnsatisfiable:
                                description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                                type: string
                            required:
                              - maxSkew
                              - topologyKey
                              - whenUnsatisfiable
                            type: object
                          type: array
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    priorityClassName:
                      description: PriorityClassName sets the priority class on the pods
                      type: string
                    resources:
                      description: Resources set resource requests and limits
                      nullable: true
                      properties:
                        claims:
                          description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                          items:
                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                            properties:
                              name:
                                description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                type: string
                            required:
                              - name
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                            - name
                          x-kubernetes-list-type: map
                        limits:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                        requests:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  required:
                    - active
                  type: object
              required:
                - server
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephobjectrealms.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephObjectRealm
    listKind: CephObjectRealmList
    plural: cephobjectrealms
    singular: cephobjectrealm
  scope: Namespaced
  versions:
    - name: v1
      schema:
        openAPIV3Schema:
          description: CephObjectRealm represents a Ceph Object Store Gateway Realm
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ObjectRealmSpec represent the spec of an ObjectRealm
              nullable: true
              properties:
                pull:
                  description: PullSpec represents the pulling specification of a Ceph Object Storage Gateway Realm
                  properties:
                    endpoint:
                      pattern: ^https*://
                      type: string
                  type: object
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephobjectstores.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephObjectStore
    listKind: CephObjectStoreList
    plural: cephobjectstores
    singular: cephobjectstore
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephObjectStore represents a Ceph Object Store Gateway
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ObjectStoreSpec represent the spec of a pool
              properties:
                allowUsersInNamespaces:
                  description: The list of allowed namespaces in addition to the object store namespace where ceph object store users may be created. Specify "*" to allow all namespaces, otherwise list individual namespaces that are to be allowed. This is useful for applications that need object store credentials to be created in their own namespace, where neither OBCs nor COSI is being used to create buckets. The default is empty.
                  items:
                    type: string
                  type: array
                dataPool:
                  description: The data pool settings
                  nullable: true
                  properties:
                    compressionMode:
                      description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                      enum:
                        - none
                        - passive
                        - aggressive
                        - force
                        - ""
                      nullable: true
                      type: string
                    crushRoot:
                      description: The root of the crush hierarchy utilized by the pool
                      nullable: true
                      type: string
                    deviceClass:
                      description: The device class the OSD should set to for use in the pool
                      nullable: true
                      type: string
                    enableRBDStats:
                      description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                      type: boolean
                    erasureCoded:
                      description: The erasure code settings
                      properties:
                        algorithm:
                          description: The algorithm for erasure coding
                          type: string
                        codingChunks:
                          description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                          minimum: 0
                          type: integer
                        dataChunks:
                          description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                          minimum: 0
                          type: integer
                      required:
                        - codingChunks
                        - dataChunks
                      type: object
                    failureDomain:
                      description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                      type: string
                    mirroring:
                      description: The mirroring settings
                      properties:
                        enabled:
                          description: Enabled whether this pool is mirrored or not
                          type: boolean
                        mode:
                          description: 'Mode is the mirroring mode: either pool or image'
                          type: string
                        peers:
                          description: Peers represents the peers spec
                          nullable: true
                          properties:
                            secretNames:
                              description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                              items:
                                type: string
                              type: array
                          type: object
                        snapshotSchedules:
                          description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                          items:
                            description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                            properties:
                              interval:
                                description: Interval represent the periodicity of the snapshot.
                                type: string
                              path:
                                description: Path is the path to snapshot, only valid for CephFS
                                type: string
                              startTime:
                                description: StartTime indicates when to start the snapshot
                                type: string
                            type: object
                          type: array
                      type: object
                    parameters:
                      additionalProperties:
                        type: string
                      description: Parameters is a list of properties to enable on a given pool
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    quotas:
                      description: The quota settings
                      nullable: true
                      properties:
                        maxBytes:
                          description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                          format: int64
                          type: integer
                        maxObjects:
                          description: MaxObjects represents the quota in objects
                          format: int64
                          type: integer
                        maxSize:
                          description: MaxSize represents the quota in bytes as a string
                          pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                          type: string
                      type: object
                    replicated:
                      description: The replication settings
                      properties:
                        hybridStorage:
                          description: HybridStorage represents hybrid storage tier settings
                          nullable: true
                          properties:
                            primaryDeviceClass:
                              description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                              minLength: 1
                              type: string
                            secondaryDeviceClass:
                              description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                              minLength: 1
                              type: string
                          required:
                            - primaryDeviceClass
                            - secondaryDeviceClass
                          type: object
                        replicasPerFailureDomain:
                          description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                          minimum: 1
                          type: integer
                        requireSafeReplicaSize:
                          description: RequireSafeReplicaSize if false allows you to set replica 1
                          type: boolean
                        size:
                          description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                          minimum: 0
                          type: integer
                        subFailureDomain:
                          description: SubFailureDomain the name of the sub-failure domain
                          type: string
                        targetSizeRatio:
                          description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                          type: number
                      required:
                        - size
                      type: object
                    statusCheck:
                      description: The mirroring statusCheck
                      properties:
                        mirror:
                          description: HealthCheckSpec represents the health check of an object store bucket
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  type: object
                gateway:
                  description: The rgw pod info
                  nullable: true
                  properties:
                    annotations:
                      additionalProperties:
                        type: string
                      description: The annotations-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    caBundleRef:
                      description: The name of the secret that stores custom ca-bundle with root and intermediate certificates.
                      nullable: true
                      type: string
                    dashboardEnabled:
                      description: Whether rgw dashboard is enabled for the rgw daemon. If not set, the rgw dashboard will be enabled.
                      nullable: true
                      type: boolean
                      x-kubernetes-preserve-unknown-fields: true
                    disableMultisiteSyncTraffic:
                      description: 'DisableMultisiteSyncTraffic, when true, prevents this object store''s gateways from transmitting multisite replication data. Note that this value does not affect whether gateways receive multisite replication traffic: see ObjectZone.spec.customEndpoints for that. If false or unset, this object store''s gateways will be able to transmit multisite replication data.'
                      type: boolean
                    externalRgwEndpoints:
                      description: ExternalRgwEndpoints points to external RGW endpoint(s). Multiple endpoints can be given, but for stability of ObjectBucketClaims, we highly recommend that users give only a single external RGW endpoint that is a load balancer that sends requests to the multiple RGWs.
                      items:
                        description: EndpointAddress is a tuple that describes a single IP address or host name. This is a subset of Kubernetes's v1.EndpointAddress.
                        properties:
                          hostname:
                            description: The DNS-addressable Hostname of this endpoint. This field will be preferred over IP if both are given.
                            type: string
                          ip:
                            description: The IP of this endpoint. As a legacy behavior, this supports being given a DNS-adressable hostname as well.
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      nullable: true
                      type: array
                    hostNetwork:
                      description: Whether host networking is enabled for the rgw daemon. If not set, the network settings from the cluster CR will be applied.
                      nullable: true
                      type: boolean
                      x-kubernetes-preserve-unknown-fields: true
                    instances:
                      description: The number of pods in the rgw replicaset.
                      format: int32
                      nullable: true
                      type: integer
                    labels:
                      additionalProperties:
                        type: string
                      description: The labels-related configuration to add/set on each Pod related object.
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    placement:
                      description: The affinity to place the rgw pods (default is to place on any available node)
                      nullable: true
                      properties:
                        nodeAffinity:
                          description: NodeAffinity is a group of node affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                              items:
                                description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                                properties:
                                  preference:
                                    description: A node selector term, associated with the corresponding weight.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  weight:
                                    description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - preference
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                              properties:
                                nodeSelectorTerms:
                                  description: Required. A list of node selector terms. The terms are ORed.
                                  items:
                                    description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                    properties:
                                      matchExpressions:
                                        description: A list of node selector requirements by node's labels.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchFields:
                                        description: A list of node selector requirements by node's fields.
                                        items:
                                          description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: The label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                              type: string
                                            values:
                                              description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  type: array
                              required:
                                - nodeSelectorTerms
                              type: object
                              x-kubernetes-map-type: atomic
                          type: object
                        podAffinity:
                          description: PodAffinity is a group of inter pod affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        podAntiAffinity:
                          description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                          properties:
                            preferredDuringSchedulingIgnoredDuringExecution:
                              description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                              items:
                                description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                                properties:
                                  podAffinityTerm:
                                    description: Required. A pod affinity term, associated with the corresponding weight.
                                    properties:
                                      labelSelector:
                                        description: A label query over a set of resources, in this case pods.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaceSelector:
                                        description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                        properties:
                                          matchExpressions:
                                            description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                            items:
                                              description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                              properties:
                                                key:
                                                  description: key is the label key that the selector applies to.
                                                  type: string
                                                operator:
                                                  description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                                  type: string
                                                values:
                                                  description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                                  items:
                                                    type: string
                                                  type: array
                                              required:
                                                - key
                                                - operator
                                              type: object
                                            type: array
                                          matchLabels:
                                            additionalProperties:
                                              type: string
                                            description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                            type: object
                                        type: object
                                        x-kubernetes-map-type: atomic
                                      namespaces:
                                        description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                        items:
                                          type: string
                                        type: array
                                      topologyKey:
                                        description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                        type: string
                                    required:
                                      - topologyKey
                                    type: object
                                  weight:
                                    description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                    format: int32
                                    type: integer
                                required:
                                  - podAffinityTerm
                                  - weight
                                type: object
                              type: array
                            requiredDuringSchedulingIgnoredDuringExecution:
                              description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                              items:
                                description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              type: array
                          type: object
                        tolerations:
                          description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                          items:
                            description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                            properties:
                              effect:
                                description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                                type: string
                              key:
                                description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                                type: string
                              operator:
                                description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                                type: string
                              tolerationSeconds:
                                description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                                format: int64
                                type: integer
                              value:
                                description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                                type: string
                            type: object
                          type: array
                        topologySpreadConstraints:
                          description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                          items:
                            description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                            properties:
                              labelSelector:
                                description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              matchLabelKeys:
                                description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                                items:
                                  type: string
                                type: array
                                x-kubernetes-list-type: atomic
                              maxSkew:
                                description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                                format: int32
                                type: integer
                              minDomains:
                                description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                                format: int32
                                type: integer
                              nodeAffinityPolicy:
                                description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              nodeTaintsPolicy:
                                description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                                type: string
                              topologyKey:
                                description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                                type: string
                              whenUnsatisfiable:
                                description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                                type: string
                            required:
                              - maxSkew
                              - topologyKey
                              - whenUnsatisfiable
                            type: object
                          type: array
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    port:
                      description: The port the rgw service will be listening on (http)
                      format: int32
                      type: integer
                    priorityClassName:
                      description: PriorityClassName sets priority classes on the rgw pods
                      type: string
                    resources:
                      description: The resource requirements for the rgw pods
                      nullable: true
                      properties:
                        claims:
                          description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                          items:
                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                            properties:
                              name:
                                description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                                type: string
                            required:
                              - name
                            type: object
                          type: array
                          x-kubernetes-list-map-keys:
                            - name
                          x-kubernetes-list-type: map
                        limits:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                        requests:
                          additionalProperties:
                            anyOf:
                              - type: integer
                              - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    securePort:
                      description: The port the rgw service will be listening on (https)
                      format: int32
                      maximum: 65535
                      minimum: 0
                      nullable: true
                      type: integer
                    service:
                      description: The configuration related to add/set on each rgw service.
                      nullable: true
                      properties:
                        annotations:
                          additionalProperties:
                            type: string
                          description: The annotations-related configuration to add/set on each rgw service. nullable optional
                          type: object
                      type: object
                    sslCertificateRef:
                      description: The name of the secret that stores the ssl certificate for secure rgw connections
                      nullable: true
                      type: string
                  type: object
                healthCheck:
                  description: The RGW health probes
                  nullable: true
                  properties:
                    readinessProbe:
                      description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                      properties:
                        disabled:
                          description: Disabled determines whether probe is disable or not
                          type: boolean
                        probe:
                          description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                          properties:
                            exec:
                              description: Exec specifies the action to take.
                              properties:
                                command:
                                  description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                  items:
                                    type: string
                                  type: array
                              type: object
                            failureThreshold:
                              description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                              format: int32
                              type: integer
                            grpc:
                              description: GRPC specifies an action involving a GRPC port.
                              properties:
                                port:
                                  description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                  format: int32
                                  type: integer
                                service:
                                  description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                  type: string
                              required:
                                - port
                              type: object
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
                                host:
                                  description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                  type: string
                                httpHeaders:
                                  description: Custom headers to set in the request. HTTP allows repeated headers.
                                  items:
                                    description: HTTPHeader describes a custom header to be used in HTTP probes
                                    properties:
                                      name:
                                        description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                      - name
                                      - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the host. Defaults to HTTP.
                                  type: string
                              required:
                                - port
                              type: object
                            initialDelaySeconds:
                              description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                            periodSeconds:
                              description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                              format: int32
                              type: integer
                            successThreshold:
                              description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                              format: int32
                              type: integer
                            tcpSocket:
                              description: TCPSocket specifies an action involving a TCP port.
                              properties:
                                host:
                                  description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                              required:
                                - port
                              type: object
                            terminationGracePeriodSeconds:
                              description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                              format: int64
                              type: integer
                            timeoutSeconds:
                              description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    startupProbe:
                      description: ProbeSpec is a wrapper around Probe so it can be enabled or disabled for a Ceph daemon
                      properties:
                        disabled:
                          description: Disabled determines whether probe is disable or not
                          type: boolean
                        probe:
                          description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
                          properties:
                            exec:
                              description: Exec specifies the action to take.
                              properties:
                                command:
                                  description: Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
                                  items:
                                    type: string
                                  type: array
                              type: object
                            failureThreshold:
                              description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
                              format: int32
                              type: integer
                            grpc:
                              description: GRPC specifies an action involving a GRPC port.
                              properties:
                                port:
                                  description: Port number of the gRPC service. Number must be in the range 1 to 65535.
                                  format: int32
                                  type: integer
                                service:
                                  description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
                                  type: string
                              required:
                                - port
                              type: object
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
                                host:
                                  description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
                                  type: string
                                httpHeaders:
                                  description: Custom headers to set in the request. HTTP allows repeated headers.
                                  items:
                                    description: HTTPHeader describes a custom header to be used in HTTP probes
                                    properties:
                                      name:
                                        description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                      - name
                                      - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the host. Defaults to HTTP.
                                  type: string
                              required:
                                - port
                              type: object
                            initialDelaySeconds:
                              description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                            periodSeconds:
                              description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
                              format: int32
                              type: integer
                            successThreshold:
                              description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
                              format: int32
                              type: integer
                            tcpSocket:
                              description: TCPSocket specifies an action involving a TCP port.
                              properties:
                                host:
                                  description: 'Optional: Host name to connect to, defaults to the pod IP.'
                                  type: string
                                port:
                                  anyOf:
                                    - type: integer
                                    - type: string
                                  description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
                                  x-kubernetes-int-or-string: true
                              required:
                                - port
                              type: object
                            terminationGracePeriodSeconds:
                              description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
                              format: int64
                              type: integer
                            timeoutSeconds:
                              description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                              format: int32
                              type: integer
                          type: object
                      type: object
                  type: object
                metadataPool:
                  description: The metadata pool settings
                  nullable: true
                  properties:
                    compressionMode:
                      description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                      enum:
                        - none
                        - passive
                        - aggressive
                        - force
                        - ""
                      nullable: true
                      type: string
                    crushRoot:
                      description: The root of the crush hierarchy utilized by the pool
                      nullable: true
                      type: string
                    deviceClass:
                      description: The device class the OSD should set to for use in the pool
                      nullable: true
                      type: string
                    enableRBDStats:
                      description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                      type: boolean
                    erasureCoded:
                      description: The erasure code settings
                      properties:
                        algorithm:
                          description: The algorithm for erasure coding
                          type: string
                        codingChunks:
                          description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                          minimum: 0
                          type: integer
                        dataChunks:
                          description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                          minimum: 0
                          type: integer
                      required:
                        - codingChunks
                        - dataChunks
                      type: object
                    failureDomain:
                      description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                      type: string
                    mirroring:
                      description: The mirroring settings
                      properties:
                        enabled:
                          description: Enabled whether this pool is mirrored or not
                          type: boolean
                        mode:
                          description: 'Mode is the mirroring mode: either pool or image'
                          type: string
                        peers:
                          description: Peers represents the peers spec
                          nullable: true
                          properties:
                            secretNames:
                              description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                              items:
                                type: string
                              type: array
                          type: object
                        snapshotSchedules:
                          description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                          items:
                            description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                            properties:
                              interval:
                                description: Interval represent the periodicity of the snapshot.
                                type: string
                              path:
                                description: Path is the path to snapshot, only valid for CephFS
                                type: string
                              startTime:
                                description: StartTime indicates when to start the snapshot
                                type: string
                            type: object
                          type: array
                      type: object
                    parameters:
                      additionalProperties:
                        type: string
                      description: Parameters is a list of properties to enable on a given pool
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    quotas:
                      description: The quota settings
                      nullable: true
                      properties:
                        maxBytes:
                          description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                          format: int64
                          type: integer
                        maxObjects:
                          description: MaxObjects represents the quota in objects
                          format: int64
                          type: integer
                        maxSize:
                          description: MaxSize represents the quota in bytes as a string
                          pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                          type: string
                      type: object
                    replicated:
                      description: The replication settings
                      properties:
                        hybridStorage:
                          description: HybridStorage represents hybrid storage tier settings
                          nullable: true
                          properties:
                            primaryDeviceClass:
                              description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                              minLength: 1
                              type: string
                            secondaryDeviceClass:
                              description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                              minLength: 1
                              type: string
                          required:
                            - primaryDeviceClass
                            - secondaryDeviceClass
                          type: object
                        replicasPerFailureDomain:
                          description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                          minimum: 1
                          type: integer
                        requireSafeReplicaSize:
                          description: RequireSafeReplicaSize if false allows you to set replica 1
                          type: boolean
                        size:
                          description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                          minimum: 0
                          type: integer
                        subFailureDomain:
                          description: SubFailureDomain the name of the sub-failure domain
                          type: string
                        targetSizeRatio:
                          description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                          type: number
                      required:
                        - size
                      type: object
                    statusCheck:
                      description: The mirroring statusCheck
                      properties:
                        mirror:
                          description: HealthCheckSpec represents the health check of an object store bucket
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  type: object
                preservePoolsOnDelete:
                  description: Preserve pools on object store deletion
                  type: boolean
                security:
                  description: Security represents security settings
                  nullable: true
                  properties:
                    keyRotation:
                      description: KeyRotation defines options for Key Rotation.
                      nullable: true
                      properties:
                        enabled:
                          default: false
                          description: Enabled represents whether the key rotation is enabled.
                          type: boolean
                        schedule:
                          description: Schedule represents the cron schedule for key rotation.
                          type: string
                      type: object
                    kms:
                      description: KeyManagementService is the main Key Management option
                      nullable: true
                      properties:
                        connectionDetails:
                          additionalProperties:
                            type: string
                          description: ConnectionDetails contains the KMS connection details (address, port etc)
                          nullable: true
                          type: object
                          x-kubernetes-preserve-unknown-fields: true
                        tokenSecretName:
                          description: TokenSecretName is the kubernetes secret containing the KMS token
                          type: string
                      type: object
                    s3:
                      description: The settings for supporting AWS-SSE:S3 with RGW
                      nullable: true
                      properties:
                        connectionDetails:
                          additionalProperties:
                            type: string
                          description: ConnectionDetails contains the KMS connection details (address, port etc)
                          nullable: true
                          type: object
                          x-kubernetes-preserve-unknown-fields: true
                        tokenSecretName:
                          description: TokenSecretName is the kubernetes secret containing the KMS token
                          type: string
                      type: object
                  type: object
                zone:
                  description: The multisite info
                  nullable: true
                  properties:
                    name:
                      description: RGW Zone the Object Store is in
                      type: string
                  required:
                    - name
                  type: object
              type: object
            status:
              description: ObjectStoreStatus represents the status of a Ceph Object Store resource
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                endpoints:
                  properties:
                    insecure:
                      items:
                        type: string
                      nullable: true
                      type: array
                    secure:
                      items:
                        type: string
                      nullable: true
                      type: array
                  type: object
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                message:
                  type: string
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  description: ConditionType represent a resource's status
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephobjectstoreusers.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephObjectStoreUser
    listKind: CephObjectStoreUserList
    plural: cephobjectstoreusers
    shortNames:
      - rcou
      - objectuser
    singular: cephobjectstoreuser
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephObjectStoreUser represents a Ceph Object Store Gateway User
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ObjectStoreUserSpec represent the spec of an Objectstoreuser
              properties:
                capabilities:
                  description: Additional admin-level capabilities for the Ceph object store user
                  nullable: true
                  properties:
                    amz-cache:
                      description: Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/quincy/radosgw/rgw-cache/#cache-api
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    bilog:
                      description: Add capabilities for user to change bucket index logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    bucket:
                      description: Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    buckets:
                      description: Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    datalog:
                      description: Add capabilities for user to change data logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    info:
                      description: Admin capabilities to read/write information about the user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    mdlog:
                      description: Add capabilities for user to change metadata logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    metadata:
                      description: Admin capabilities to read/write Ceph object store metadata. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    oidc-provider:
                      description: Add capabilities for user to change oidc provider. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    ratelimit:
                      description: Add capabilities for user to set rate limiter for user and bucket. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    roles:
                      description: Admin capabilities to read/write roles for user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    usage:
                      description: Admin capabilities to read/write Ceph object store usage. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    user:
                      description: Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    user-policy:
                      description: Add capabilities for user to change user policies. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    users:
                      description: Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                    zone:
                      description: Admin capabilities to read/write Ceph object store zones. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
                      enum:
                        - '*'
                        - read
                        - write
                        - read, write
                      type: string
                  type: object
                clusterNamespace:
                  description: The namespace where the parent CephCluster and CephObjectStore are found
                  type: string
                displayName:
                  description: The display name for the ceph users
                  type: string
                quotas:
                  description: ObjectUserQuotaSpec can be used to set quotas for the object store user to limit their usage. See the [Ceph docs](https://docs.ceph.com/en/latest/radosgw/admin/?#quota-management) for more
                  nullable: true
                  properties:
                    maxBuckets:
                      description: Maximum bucket limit for the ceph user
                      nullable: true
                      type: integer
                    maxObjects:
                      description: Maximum number of objects across all the user's buckets
                      format: int64
                      nullable: true
                      type: integer
                    maxSize:
                      anyOf:
                        - type: integer
                        - type: string
                      description: Maximum size limit of all objects across all the user's buckets See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity for more info.
                      nullable: true
                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                      x-kubernetes-int-or-string: true
                  type: object
                store:
                  description: The store the user will be created in
                  type: string
              type: object
            status:
              description: ObjectStoreUserStatus represents the status Ceph Object Store Gateway User
              properties:
                info:
                  additionalProperties:
                    type: string
                  nullable: true
                  type: object
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephobjectzonegroups.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephObjectZoneGroup
    listKind: CephObjectZoneGroupList
    plural: cephobjectzonegroups
    singular: cephobjectzonegroup
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephObjectZoneGroup represents a Ceph Object Store Gateway Zone Group
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ObjectZoneGroupSpec represent the spec of an ObjectZoneGroup
              properties:
                realm:
                  description: The display name for the ceph users
                  type: string
              required:
                - realm
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephobjectzones.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephObjectZone
    listKind: CephObjectZoneList
    plural: cephobjectzones
    singular: cephobjectzone
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephObjectZone represents a Ceph Object Store Gateway Zone
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: ObjectZoneSpec represent the spec of an ObjectZone
              properties:
                customEndpoints:
                  description: "If this zone cannot be accessed from other peer Ceph clusters via the ClusterIP Service endpoint created by Rook, you must set this to the externally reachable endpoint(s). You may include the port in the definition. For example: \"https://my-object-store.my-domain.net:443\". In many cases, you should set this to the endpoint of the ingress resource that makes the CephObjectStore associated with this CephObjectStoreZone reachable to peer clusters. The list can have one or more endpoints pointing to different RGW servers in the zone. \n If a CephObjectStore endpoint is omitted from this list, that object store's gateways will not receive multisite replication data (see CephObjectStore.spec.gateway.disableMultisiteSyncTraffic)."
                  items:
                    type: string
                  nullable: true
                  type: array
                dataPool:
                  description: The data pool settings
                  nullable: true
                  properties:
                    compressionMode:
                      description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                      enum:
                        - none
                        - passive
                        - aggressive
                        - force
                        - ""
                      nullable: true
                      type: string
                    crushRoot:
                      description: The root of the crush hierarchy utilized by the pool
                      nullable: true
                      type: string
                    deviceClass:
                      description: The device class the OSD should set to for use in the pool
                      nullable: true
                      type: string
                    enableRBDStats:
                      description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                      type: boolean
                    erasureCoded:
                      description: The erasure code settings
                      properties:
                        algorithm:
                          description: The algorithm for erasure coding
                          type: string
                        codingChunks:
                          description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                          minimum: 0
                          type: integer
                        dataChunks:
                          description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                          minimum: 0
                          type: integer
                      required:
                        - codingChunks
                        - dataChunks
                      type: object
                    failureDomain:
                      description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                      type: string
                    mirroring:
                      description: The mirroring settings
                      properties:
                        enabled:
                          description: Enabled whether this pool is mirrored or not
                          type: boolean
                        mode:
                          description: 'Mode is the mirroring mode: either pool or image'
                          type: string
                        peers:
                          description: Peers represents the peers spec
                          nullable: true
                          properties:
                            secretNames:
                              description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                              items:
                                type: string
                              type: array
                          type: object
                        snapshotSchedules:
                          description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                          items:
                            description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                            properties:
                              interval:
                                description: Interval represent the periodicity of the snapshot.
                                type: string
                              path:
                                description: Path is the path to snapshot, only valid for CephFS
                                type: string
                              startTime:
                                description: StartTime indicates when to start the snapshot
                                type: string
                            type: object
                          type: array
                      type: object
                    parameters:
                      additionalProperties:
                        type: string
                      description: Parameters is a list of properties to enable on a given pool
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    quotas:
                      description: The quota settings
                      nullable: true
                      properties:
                        maxBytes:
                          description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                          format: int64
                          type: integer
                        maxObjects:
                          description: MaxObjects represents the quota in objects
                          format: int64
                          type: integer
                        maxSize:
                          description: MaxSize represents the quota in bytes as a string
                          pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                          type: string
                      type: object
                    replicated:
                      description: The replication settings
                      properties:
                        hybridStorage:
                          description: HybridStorage represents hybrid storage tier settings
                          nullable: true
                          properties:
                            primaryDeviceClass:
                              description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                              minLength: 1
                              type: string
                            secondaryDeviceClass:
                              description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                              minLength: 1
                              type: string
                          required:
                            - primaryDeviceClass
                            - secondaryDeviceClass
                          type: object
                        replicasPerFailureDomain:
                          description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                          minimum: 1
                          type: integer
                        requireSafeReplicaSize:
                          description: RequireSafeReplicaSize if false allows you to set replica 1
                          type: boolean
                        size:
                          description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                          minimum: 0
                          type: integer
                        subFailureDomain:
                          description: SubFailureDomain the name of the sub-failure domain
                          type: string
                        targetSizeRatio:
                          description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                          type: number
                      required:
                        - size
                      type: object
                    statusCheck:
                      description: The mirroring statusCheck
                      properties:
                        mirror:
                          description: HealthCheckSpec represents the health check of an object store bucket
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  type: object
                metadataPool:
                  description: The metadata pool settings
                  nullable: true
                  properties:
                    compressionMode:
                      description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
                      enum:
                        - none
                        - passive
                        - aggressive
                        - force
                        - ""
                      nullable: true
                      type: string
                    crushRoot:
                      description: The root of the crush hierarchy utilized by the pool
                      nullable: true
                      type: string
                    deviceClass:
                      description: The device class the OSD should set to for use in the pool
                      nullable: true
                      type: string
                    enableRBDStats:
                      description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
                      type: boolean
                    erasureCoded:
                      description: The erasure code settings
                      properties:
                        algorithm:
                          description: The algorithm for erasure coding
                          type: string
                        codingChunks:
                          description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
                          minimum: 0
                          type: integer
                        dataChunks:
                          description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
                          minimum: 0
                          type: integer
                      required:
                        - codingChunks
                        - dataChunks
                      type: object
                    failureDomain:
                      description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
                      type: string
                    mirroring:
                      description: The mirroring settings
                      properties:
                        enabled:
                          description: Enabled whether this pool is mirrored or not
                          type: boolean
                        mode:
                          description: 'Mode is the mirroring mode: either pool or image'
                          type: string
                        peers:
                          description: Peers represents the peers spec
                          nullable: true
                          properties:
                            secretNames:
                              description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                              items:
                                type: string
                              type: array
                          type: object
                        snapshotSchedules:
                          description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
                          items:
                            description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
                            properties:
                              interval:
                                description: Interval represent the periodicity of the snapshot.
                                type: string
                              path:
                                description: Path is the path to snapshot, only valid for CephFS
                                type: string
                              startTime:
                                description: StartTime indicates when to start the snapshot
                                type: string
                            type: object
                          type: array
                      type: object
                    parameters:
                      additionalProperties:
                        type: string
                      description: Parameters is a list of properties to enable on a given pool
                      nullable: true
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                    quotas:
                      description: The quota settings
                      nullable: true
                      properties:
                        maxBytes:
                          description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
                          format: int64
                          type: integer
                        maxObjects:
                          description: MaxObjects represents the quota in objects
                          format: int64
                          type: integer
                        maxSize:
                          description: MaxSize represents the quota in bytes as a string
                          pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
                          type: string
                      type: object
                    replicated:
                      description: The replication settings
                      properties:
                        hybridStorage:
                          description: HybridStorage represents hybrid storage tier settings
                          nullable: true
                          properties:
                            primaryDeviceClass:
                              description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
                              minLength: 1
                              type: string
                            secondaryDeviceClass:
                              description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
                              minLength: 1
                              type: string
                          required:
                            - primaryDeviceClass
                            - secondaryDeviceClass
                          type: object
                        replicasPerFailureDomain:
                          description: ReplicasPerFailureDomain the number of replica in the specified failure domain
                          minimum: 1
                          type: integer
                        requireSafeReplicaSize:
                          description: RequireSafeReplicaSize if false allows you to set replica 1
                          type: boolean
                        size:
                          description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
                          minimum: 0
                          type: integer
                        subFailureDomain:
                          description: SubFailureDomain the name of the sub-failure domain
                          type: string
                        targetSizeRatio:
                          description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
                          type: number
                      required:
                        - size
                      type: object
                    statusCheck:
                      description: The mirroring statusCheck
                      properties:
                        mirror:
                          description: HealthCheckSpec represents the health check of an object store bucket
                          nullable: true
                          properties:
                            disabled:
                              type: boolean
                            interval:
                              description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
                              type: string
                            timeout:
                              type: string
                          type: object
                      type: object
                      x-kubernetes-preserve-unknown-fields: true
                  type: object
                preservePoolsOnDelete:
                  default: true
                  description: Preserve pools on object zone deletion
                  type: boolean
                zoneGroup:
                  description: The display name for the ceph users
                  type: string
              required:
                - dataPool
                - metadataPool
                - zoneGroup
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
    helm.sh/resource-policy: keep
  creationTimestamp: null
  name: cephrbdmirrors.ceph.rook.io
spec:
  group: ceph.rook.io
  names:
    kind: CephRBDMirror
    listKind: CephRBDMirrorList
    plural: cephrbdmirrors
    singular: cephrbdmirror
  scope: Namespaced
  versions:
    - additionalPrinterColumns:
        - jsonPath: .status.phase
          name: Phase
          type: string
      name: v1
      schema:
        openAPIV3Schema:
          description: CephRBDMirror represents a Ceph RBD Mirror
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              description: RBDMirroringSpec represents the specification of an RBD mirror daemon
              properties:
                annotations:
                  additionalProperties:
                    type: string
                  description: The annotations-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                count:
                  description: Count represents the number of rbd mirror instance to run
                  minimum: 1
                  type: integer
                labels:
                  additionalProperties:
                    type: string
                  description: The labels-related configuration to add/set on each Pod related object.
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                peers:
                  description: Peers represents the peers spec
                  nullable: true
                  properties:
                    secretNames:
                      description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
                      items:
                        type: string
                      type: array
                  type: object
                placement:
                  description: The affinity to place the rgw pods (default is to place on any available node)
                  nullable: true
                  properties:
                    nodeAffinity:
                      description: NodeAffinity is a group of node affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
                          items:
                            description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
                            properties:
                              preference:
                                description: A node selector term, associated with the corresponding weight.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              weight:
                                description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - preference
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
                          properties:
                            nodeSelectorTerms:
                              description: Required. A list of node selector terms. The terms are ORed.
                              items:
                                description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
                                properties:
                                  matchExpressions:
                                    description: A list of node selector requirements by node's labels.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchFields:
                                    description: A list of node selector requirements by node's fields.
                                    items:
                                      description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: The label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
                                          type: string
                                        values:
                                          description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                type: object
                                x-kubernetes-map-type: atomic
                              type: array
                          required:
                            - nodeSelectorTerms
                          type: object
                          x-kubernetes-map-type: atomic
                      type: object
                    podAffinity:
                      description: PodAffinity is a group of inter pod affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    podAntiAffinity:
                      description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules
                      properties:
                        preferredDuringSchedulingIgnoredDuringExecution:
                          description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
                          items:
                            description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
                            properties:
                              podAffinityTerm:
                                description: Required. A pod affinity term, associated with the corresponding weight.
                                properties:
                                  labelSelector:
                                    description: A label query over a set of resources, in this case pods.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaceSelector:
                                    description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                    properties:
                                      matchExpressions:
                                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                        items:
                                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                          properties:
                                            key:
                                              description: key is the label key that the selector applies to.
                                              type: string
                                            operator:
                                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                              type: string
                                            values:
                                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                              items:
                                                type: string
                                              type: array
                                          required:
                                            - key
                                            - operator
                                          type: object
                                        type: array
                                      matchLabels:
                                        additionalProperties:
                                          type: string
                                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                        type: object
                                    type: object
                                    x-kubernetes-map-type: atomic
                                  namespaces:
                                    description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                    items:
                                      type: string
                                    type: array
                                  topologyKey:
                                    description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                    type: string
                                required:
                                  - topologyKey
                                type: object
                              weight:
                                description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
                                format: int32
                                type: integer
                            required:
                              - podAffinityTerm
                              - weight
                            type: object
                          type: array
                        requiredDuringSchedulingIgnoredDuringExecution:
                          description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
                          items:
                            description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
                            properties:
                              labelSelector:
                                description: A label query over a set of resources, in this case pods.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaceSelector:
                                description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
                                properties:
                                  matchExpressions:
                                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                    items:
                                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                      properties:
                                        key:
                                          description: key is the label key that the selector applies to.
                                          type: string
                                        operator:
                                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                          type: string
                                        values:
                                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                          items:
                                            type: string
                                          type: array
                                      required:
                                        - key
                                        - operator
                                      type: object
                                    type: array
                                  matchLabels:
                                    additionalProperties:
                                      type: string
                                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                    type: object
                                type: object
                                x-kubernetes-map-type: atomic
                              namespaces:
                                description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
                                items:
                                  type: string
                                type: array
                              topologyKey:
                                description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                type: string
                            required:
                              - topologyKey
                            type: object
                          type: array
                      type: object
                    tolerations:
                      description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>
                      items:
                        description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
                        properties:
                          effect:
                            description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
                            type: string
                          key:
                            description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
                            type: string
                          operator:
                            description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
                            type: string
                          tolerationSeconds:
                            description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
                            format: int64
                            type: integer
                          value:
                            description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
                            type: string
                        type: object
                      type: array
                    topologySpreadConstraints:
                      description: TopologySpreadConstraint specifies how to spread matching pods among the given topology
                      items:
                        description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
                        properties:
                          labelSelector:
                            description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
                            properties:
                              matchExpressions:
                                description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                                items:
                                  description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                                  properties:
                                    key:
                                      description: key is the label key that the selector applies to.
                                      type: string
                                    operator:
                                      description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                                      type: string
                                    values:
                                      description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                                      items:
                                        type: string
                                      type: array
                                  required:
                                    - key
                                    - operator
                                  type: object
                                type: array
                              matchLabels:
                                additionalProperties:
                                  type: string
                                description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                                type: object
                            type: object
                            x-kubernetes-map-type: atomic
                          matchLabelKeys:
                            description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
                            items:
                              type: string
                            type: array
                            x-kubernetes-list-type: atomic
                          maxSkew:
                            description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
                            format: int32
                            type: integer
                          minDomains:
                            description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
                            format: int32
                            type: integer
                          nodeAffinityPolicy:
                            description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          nodeTaintsPolicy:
                            description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
                            type: string
                          topologyKey:
                            description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
                            type: string
                          whenUnsatisfiable:
                            description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
                            type: string
                        required:
                          - maxSkew
                          - topologyKey
                          - whenUnsatisfiable
                        type: object
                      type: array
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                priorityClassName:
                  description: PriorityClassName sets priority class on the rbd mirror pods
                  type: string
                resources:
                  description: The resource requirements for the rbd mirror pods
                  nullable: true
                  properties:
                    claims:
                      description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
                      items:
                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                        properties:
                          name:
                            description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
                            type: string
                        required:
                          - name
                        type: object
                      type: array
                      x-kubernetes-list-map-keys:
                        - name
                      x-kubernetes-list-type: map
                    limits:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                    requests:
                      additionalProperties:
                        anyOf:
                          - type: integer
                          - type: string
                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                        x-kubernetes-int-or-string: true
                      description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                      type: object
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
              required:
                - count
              type: object
            status:
              description: Status represents the status of an object
              properties:
                conditions:
                  items:
                    description: Condition represents a status condition on any Rook-Ceph Custom Resource.
                    properties:
                      lastHeartbeatTime:
                        format: date-time
                        type: string
                      lastTransitionTime:
                        format: date-time
                        type: string
                      message:
                        type: string
                      reason:
                        description: ConditionReason is a reason for a condition
                        type: string
                      status:
                        type: string
                      type:
                        description: ConditionType represent a resource's status
                        type: string
                    type: object
                  type: array
                observedGeneration:
                  description: ObservedGeneration is the latest generation observed by the controller.
                  format: int64
                  type: integer
                phase:
                  type: string
              type: object
              x-kubernetes-preserve-unknown-fields: true
          required:
            - metadata
            - spec
          type: object
      served: true
      storage: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: objectbucketclaims.objectbucket.io
  annotations:
    helm.sh/resource-policy: keep
spec:
  group: objectbucket.io
  names:
    kind: ObjectBucketClaim
    listKind: ObjectBucketClaimList
    plural: objectbucketclaims
    singular: objectbucketclaim
    shortNames:
      - obc
      - obcs
  scope: Namespaced
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                storageClassName:
                  type: string
                bucketName:
                  type: string
                generateBucketName:
                  type: string
                additionalConfig:
                  type: object
                  nullable: true
                  x-kubernetes-preserve-unknown-fields: true
                objectBucketName:
                  type: string
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/resources.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: objectbuckets.objectbucket.io
  annotations:
    helm.sh/resource-policy: keep
spec:
  group: objectbucket.io
  names:
    kind: ObjectBucket
    listKind: ObjectBucketList
    plural: objectbuckets
    singular: objectbucket
    shortNames:
      - ob
      - obs
  scope: Cluster
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                storageClassName:
                  type: string
                endpoint:
                  type: object
                  nullable: true
                  properties:
                    bucketHost:
                      type: string
                    bucketPort:
                      type: integer
                      format: int32
                    bucketName:
                      type: string
                    region:
                      type: string
                    subRegion:
                      type: string
                    additionalConfig:
                      type: object
                      nullable: true
                      x-kubernetes-preserve-unknown-fields: true
                authentication:
                  type: object
                  nullable: true
                  items:
                    type: object
                    x-kubernetes-preserve-unknown-fields: true
                additionalState:
                  type: object
                  nullable: true
                  x-kubernetes-preserve-unknown-fields: true
                reclaimPolicy:
                  type: string
                claimRef:
                  type: object
                  nullable: true
                  x-kubernetes-preserve-unknown-fields: true
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
      subresources:
        status: {}
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-system
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
  # Most resources are represented by a string representation of their name, such as "pods", just as it appears in the URL for the relevant API endpoint.
  # However, some Kubernetes APIs involve a "subresource", such as the logs for a pod. [...]
  # To represent this in an RBAC role, use a slash to delimit the resource and subresource.
  # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["create"]
  - apiGroups: ["admissionregistration.k8s.io"]
    resources: ["validatingwebhookconfigurations"]
    verbs: ["create", "get", "delete", "update"]
  - apiGroups: ["csiaddons.openshift.io"]
    resources: ["networkfences"]
    verbs: ["create", "get", "update", "delete", "watch", "list"]
  - apiGroups: ["apiextensions.k8s.io"]
    resources: ["customresourcedefinitions"]
    verbs: ["get"]
---
# Source: rook-ceph/templates/clusterrole.yaml
# The cluster role for managing all the cluster-specific resources in a namespace
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: rook-ceph-cluster-mgmt
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
- apiGroups:
  - ""
  - apps
  - extensions
  resources:
  - secrets
  - pods
  - pods/log
  - services
  - configmaps
  - deployments
  - daemonsets
  verbs:
  - get
  - list
  - watch
  - patch
  - create
  - update
  - delete
---
# Source: rook-ceph/templates/clusterrole.yaml
# The cluster role for managing the Rook CRDs
apiVersion: rbac.authorization.k8s.io/v1
# Rook watches for its CRDs in all namespaces, so this should be a cluster-scoped role unless the
# operator config `ROOK_CURRENT_NAMESPACE_ONLY=true`.
kind: ClusterRole
metadata:
  name: rook-ceph-global
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
- apiGroups:
  - ""
  resources:
  # Pod access is needed for fencing
  - pods
  # Node access is needed for determining nodes where mons should run
  - nodes
  - nodes/proxy
  - services
  # Rook watches secrets which it uses to configure access to external resources.
  # e.g., external Ceph cluster; TLS certificates for the admission controller or object store
  - secrets
  # Rook watches for changes to the rook-operator-config configmap
  - configmaps
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  # Rook creates events for its custom resources
  - events
  # Rook creates PVs and PVCs for OSDs managed by the Rook provisioner
  - persistentvolumes
  - persistentvolumeclaims
  # Rook creates endpoints for mgr and object store access
  - endpoints
  verbs:
  - get
  - list
  - watch
  - patch
  - create
  - update
  - delete
- apiGroups:
  - storage.k8s.io
  resources:
  - storageclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - batch
  resources:
  - jobs
  - cronjobs
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - delete
  - deletecollection
# The Rook operator must be able to watch all ceph.rook.io resources to reconcile them.
- apiGroups: ["ceph.rook.io"]
  resources:
  - cephclients
  - cephclusters
  - cephblockpools
  - cephfilesystems
  - cephnfses
  - cephobjectstores
  - cephobjectstoreusers
  - cephobjectrealms
  - cephobjectzonegroups
  - cephobjectzones
  - cephbuckettopics
  - cephbucketnotifications
  - cephrbdmirrors
  - cephfilesystemmirrors
  - cephfilesystemsubvolumegroups
  - cephblockpoolradosnamespaces
  - cephcosidrivers
  verbs:
  - get
  - list
  - watch
  # Ideally the update permission is not required, but Rook needs it to add finalizers to resources.
  - update
# Rook must have update access to status subresources for its custom resources.
- apiGroups: ["ceph.rook.io"]
  resources:
  - cephclients/status
  - cephclusters/status
  - cephblockpools/status
  - cephfilesystems/status
  - cephnfses/status
  - cephobjectstores/status
  - cephobjectstoreusers/status
  - cephobjectrealms/status
  - cephobjectzonegroups/status
  - cephobjectzones/status
  - cephbuckettopics/status
  - cephbucketnotifications/status
  - cephrbdmirrors/status
  - cephfilesystemmirrors/status
  - cephfilesystemsubvolumegroups/status
  - cephblockpoolradosnamespaces/status
  verbs: ["update"]
# The "*/finalizers" permission may need to be strictly given for K8s clusters where
# OwnerReferencesPermissionEnforcement is enabled so that Rook can set blockOwnerDeletion on
# resources owned by Rook CRs (e.g., a Secret owned by an OSD Deployment). See more:
# https://kubernetes.io/docs/reference/access-authn-authz/_print/#ownerreferencespermissionenforcement
- apiGroups: ["ceph.rook.io"]
  resources:
  - cephclients/finalizers
  - cephclusters/finalizers
  - cephblockpools/finalizers
  - cephfilesystems/finalizers
  - cephnfses/finalizers
  - cephobjectstores/finalizers
  - cephobjectstoreusers/finalizers
  - cephobjectrealms/finalizers
  - cephobjectzonegroups/finalizers
  - cephobjectzones/finalizers
  - cephbuckettopics/finalizers
  - cephbucketnotifications/finalizers
  - cephrbdmirrors/finalizers
  - cephfilesystemmirrors/finalizers
  - cephfilesystemsubvolumegroups/finalizers
  - cephblockpoolradosnamespaces/finalizers
  verbs: ["update"]
- apiGroups:
  - policy
  - apps
  - extensions
  resources:
  # This is for the clusterdisruption controller
  - poddisruptionbudgets
  # This is for both clusterdisruption and nodedrain controllers
  - deployments
  - replicasets
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - delete
  - deletecollection
- apiGroups:
  - apps
  resources:
  # This is to add osd deployment owner ref on key rotation
  # cron jobs.
  - deployments/finalizers
  verbs:
  - update
- apiGroups:
  - healthchecking.openshift.io
  resources:
  - machinedisruptionbudgets
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - delete
- apiGroups:
  - machine.openshift.io
  resources:
  - machines
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - delete
- apiGroups:
  - storage.k8s.io
  resources:
  - csidrivers
  verbs:
  - create
  - delete
  - get
  - update
- apiGroups:
  - k8s.cni.cncf.io
  resources:
  - network-attachment-definitions
  verbs:
  - get
---
# Source: rook-ceph/templates/clusterrole.yaml
# Aspects of ceph-mgr that require cluster-wide access
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr-cluster
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - nodes
  - nodes/proxy
  - persistentvolumes
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
  - list
  - get
  - watch
- apiGroups:
  - storage.k8s.io
  resources:
  - storageclasses
  verbs:
  - get
  - list
  - watch
---
# Source: rook-ceph/templates/clusterrole.yaml
# Aspects of ceph-mgr that require access to the system namespace
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr-system
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
---
# Source: rook-ceph/templates/clusterrole.yaml
# Used for provisioning ObjectBuckets (OBs) in response to ObjectBucketClaims (OBCs).
# Note: Rook runs a copy of the lib-bucket-provisioner's OBC controller.
# OBCs can be created in any Kubernetes namespace, so this must be a cluster-scoped role.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-object-bucket
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
  - apiGroups: [""]
    resources: ["secrets", "configmaps"]
    verbs:
      # OBC controller creates secrets and configmaps containing information for users about how to
      # connect to object buckets. It deletes them when an OBC is deleted.
      - get
      - create
      - update
      - delete
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs:
      # OBC controller gets parameters from the OBC's storageclass
      # Rook gets additional parameters from the OBC's storageclass
      - get
  - apiGroups: ["objectbucket.io"]
    resources: ["objectbucketclaims"]
    verbs:
      # OBC controller needs to list/watch OBCs and get latest version of a reconciled OBC
      - list
      - watch
      - get
      # Ideally, update should not be needed, but the OBC controller updates the OBC with bucket
      # information outside of the status subresource
      - update
      # OBC controller does not delete OBCs; users do this
  - apiGroups: ["objectbucket.io"]
    resources: ["objectbuckets"]
    verbs:
      # OBC controller needs to list/watch OBs and get latest version of a reconciled OB
      - list
      - watch
      - get
      # OBC controller creates an OB when an OBC's bucket has been provisioned by Ceph, updates them
      # when an OBC is updated, and deletes them when the OBC is de-provisioned.
      - create
      - update
      - delete
  - apiGroups: ["objectbucket.io"]
    resources: ["objectbucketclaims/status", "objectbuckets/status"]
    verbs:
      # OBC controller updates OBC and OB statuses
      - update
  - apiGroups: ["objectbucket.io"]
    # This does not strictly allow the OBC/OB controllers to update finalizers. That is handled by
    # the direct "update" permissions above. Instead, this allows Rook's controller to create
    # resources which are owned by OBs/OBCs and where blockOwnerDeletion is set.
    resources: ["objectbucketclaims/finalizers", "objectbuckets/finalizers"]
    verbs:
      - update
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-osd
rules:
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
  - list
---
# Source: rook-ceph/templates/clusterrole.yaml
# TODO: remove this, once https://github.com/rook/rook/issues/10141
# is resolved.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-csi-nodeplugin
rules:
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get"]
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-external-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete", "patch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "patch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "patch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments/status"]
    verbs: ["patch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims/status"]
    verbs: ["patch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshots"]
    verbs: ["get", "list"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents"]
    verbs: [ "get", "list", "watch", "patch", "update"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents/status"]
    verbs: ["update", "patch"]
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-csi-nodeplugin
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get"]
  - apiGroups: [""]
    resources: ["serviceaccounts"]
    verbs: ["get"]
  - apiGroups: [""]
    resources: ["serviceaccounts/token"]
    verbs: ["create"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get"]
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-external-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete", "patch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "patch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments/status"]
    verbs: ["patch"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["csinodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims/status"]
    verbs: ["patch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshots"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents"]
    verbs: [ "get", "list", "watch", "patch", "update"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents/status"]
    verbs: ["update", "patch"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get"]
  - apiGroups: [""]
    resources: ["serviceaccounts"]
    verbs: ["get"]
  - apiGroups: [""]
    resources: ["serviceaccounts/token"]
    verbs: ["create"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["csinodes"]
    verbs: ["get", "list", "watch"]
---
# Source: rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: objectstorage-provisioner-role
  labels:
    app.kubernetes.io/part-of: container-object-storage-interface
    app.kubernetes.io/component: driver-ceph
    app.kubernetes.io/name: cosi-driver-ceph
rules:
  - apiGroups: ["objectstorage.k8s.io"]
    resources:
      [
        "buckets",
        "bucketaccesses",
        "bucketclaims",
        "bucketaccessclasses",
        "buckets/status",
        "bucketaccesses/status",
        "bucketclaims/status",
        "bucketaccessclasses/status",
      ]
    verbs: ["get", "list", "watch", "update", "create", "delete"]
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
  - apiGroups: [""]
    resources: ["secrets", "events"]
    verbs: ["get", "delete", "update", "create"]
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the ceph mgr to access cluster-wide resources necessary for the mgr modules
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr-cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-mgr-cluster
subjects:
  - kind: ServiceAccount
    name: rook-ceph-mgr
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the ceph osd to access cluster-wide resources necessary for determining their topology location
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-osd
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-osd
subjects:
  - kind: ServiceAccount
    name: rook-ceph-osd
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-system
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-system
subjects:
  - kind: ServiceAccount
    name: rook-ceph-system
    namespace: aleph-ns # namespace:operator
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
# Grant the rook system daemons cluster-wide access to manage the Rook CRDs, PVCs, and storage classes
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-global
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-global
subjects:
- kind: ServiceAccount
  name: rook-ceph-system
  namespace: aleph-ns # namespace:operator
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
# Give Rook-Ceph Operator permissions to provision ObjectBuckets in response to ObjectBucketClaims.
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-object-bucket
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-object-bucket
subjects:
  - kind: ServiceAccount
    name: rook-ceph-system
    namespace: aleph-ns # namespace:operator
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-csi-nodeplugin
subjects:
  - kind: ServiceAccount
    name: rook-csi-rbd-plugin-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: ClusterRole
  name: rbd-csi-nodeplugin
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-csi-provisioner-role
subjects:
  - kind: ServiceAccount
    name: rook-csi-cephfs-provisioner-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: ClusterRole
  name: cephfs-external-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
# This is required by operator-sdk to map the cluster/clusterrolebindings with SA
# otherwise operator-sdk will create a individual file for these.
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-csi-nodeplugin-role
subjects:
  - kind: ServiceAccount
    name: rook-csi-cephfs-plugin-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: ClusterRole
  name: cephfs-csi-nodeplugin
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-csi-provisioner-role
subjects:
  - kind: ServiceAccount
    name: rook-csi-rbd-provisioner-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: ClusterRole
  name: rbd-external-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/clusterrolebinding.yaml
# RBAC for ceph cosi driver service account
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: objectstorage-provisioner-role-binding
  labels:
    app.kubernetes.io/part-of: container-object-storage-interface
    app.kubernetes.io/component: driver-ceph
    app.kubernetes.io/name: cosi-driver-ceph
subjects:
  - kind: ServiceAccount
    name: objectstorage-provisioner
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: ClusterRole
  name: objectstorage-provisioner-role
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/cluster-rbac.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-osd
  namespace: aleph-ns # namespace:cluster
rules:
  # this is needed for rook's "key-management" CLI to fetch the vault token from the secret when
  # validating the connection details and for key rotation operations.
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get","update"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get", "list", "watch", "create", "update", "delete"]
  - apiGroups: ["ceph.rook.io"]
    resources: ["cephclusters", "cephclusters/finalizers"]
    verbs: ["get", "list", "create", "update", "delete"]
---
# Source: rook-ceph/templates/cluster-rbac.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-rgw
  namespace: aleph-ns # namespace:cluster
rules:
  # Placeholder role so the rgw service account will
  # be generated in the csv. Remove this role and role binding
  # when fixing https://github.com/rook/rook/issues/10141.
  - apiGroups:
      - ""
    resources:
      - configmaps
    verbs:
      - get
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Aspects of ceph-mgr that operate within the cluster's namespace
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr
  namespace: aleph-ns # namespace:cluster
rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - services
      - pods/log
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - delete
  - apiGroups:
      - batch
    resources:
      - jobs
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - delete
  - apiGroups:
      - ceph.rook.io
    resources:
      - cephclients
      - cephclusters
      - cephblockpools
      - cephfilesystems
      - cephnfses
      - cephobjectstores
      - cephobjectstoreusers
      - cephobjectrealms
      - cephobjectzonegroups
      - cephobjectzones
      - cephbuckettopics
      - cephbucketnotifications
      - cephrbdmirrors
      - cephfilesystemmirrors
      - cephfilesystemsubvolumegroups
      - cephblockpoolradosnamespaces
      - cephcosidrivers
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - delete
      - patch
  - apiGroups:
      - apps
    resources:
      - deployments/scale
      - deployments
    verbs:
      - patch
      - delete
  - apiGroups:
      - ''
    resources:
      - persistentvolumeclaims
    verbs:
      - delete
---
# Source: rook-ceph/templates/cluster-rbac.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-cmd-reporter
  namespace: aleph-ns # namespace:cluster
rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - configmaps
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - delete
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Aspects of ceph osd purge job that require access to the cluster namespace
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-purge-osd
  namespace: aleph-ns # namespace:cluster
rules:
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get"]
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "delete" ]
  - apiGroups: ["batch"]
    resources: ["jobs"]
    verbs: ["get", "list", "delete" ]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "update", "delete", "list"]
---
# Source: rook-ceph/templates/role.yaml
# Allow the operator to manage resources in its own namespace
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: rook-ceph-system
  namespace: aleph-ns # namespace:operator
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - configmaps
  - services
  verbs:
  - get
  - list
  - watch
  - patch
  - create
  - update
  - delete
- apiGroups:
  - apps
  - extensions
  resources:
  - daemonsets
  - statefulsets
  - deployments
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - delete
  - deletecollection
- apiGroups:
  - batch
  resources:
  - cronjobs
  verbs:
  - delete
- apiGroups:
  - cert-manager.io
  resources:
  - certificates
  - issuers
  verbs:
  - get
  - create
  - delete
- apiGroups:
  - multicluster.x-k8s.io
  resources:
  - serviceexports
  verbs:
  - get
  - create
---
# Source: rook-ceph/templates/role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-external-provisioner-cfg
  namespace: aleph-ns # namespace:operator
rules:
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
---
# Source: rook-ceph/templates/role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-external-provisioner-cfg
  namespace: aleph-ns # namespace:operator
rules:
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the operator to create resources in this cluster's namespace
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-cluster-mgmt
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-cluster-mgmt
subjects:
  - kind: ServiceAccount
    name: rook-ceph-system
    namespace: aleph-ns # namespace:operator
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the osd pods in this namespace to work with configmaps
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-osd
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-osd
subjects:
  - kind: ServiceAccount
    name: rook-ceph-osd
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the rgw pods in this namespace to work with configmaps
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-rgw
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-rgw
subjects:
  - kind: ServiceAccount
    name: rook-ceph-rgw
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the ceph mgr to access resources scoped to the CephCluster namespace necessary for mgr modules
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-mgr
subjects:
  - kind: ServiceAccount
    name: rook-ceph-mgr
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the ceph mgr to access resources in the Rook operator namespace necessary for mgr modules
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-mgr-system
  namespace: aleph-ns # namespace:operator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rook-ceph-mgr-system
subjects:
  - kind: ServiceAccount
    name: rook-ceph-mgr
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-cmd-reporter
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-cmd-reporter
subjects:
  - kind: ServiceAccount
    name: rook-ceph-cmd-reporter
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/cluster-rbac.yaml
# Allow the osd purge job to run in this namespace
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-purge-osd
  namespace: aleph-ns # namespace:cluster
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-purge-osd
subjects:
  - kind: ServiceAccount
    name: rook-ceph-purge-osd
    namespace: aleph-ns # namespace:cluster
---
# Source: rook-ceph/templates/rolebinding.yaml
# Grant the operator, agent, and discovery agents access to resources in the rook-ceph-system namespace
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-ceph-system
  namespace: aleph-ns # namespace:operator
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: rook-ceph-system
subjects:
- kind: ServiceAccount
  name: rook-ceph-system
  namespace: aleph-ns # namespace:operator
---
# Source: rook-ceph/templates/rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-csi-provisioner-role-cfg
  namespace: aleph-ns # namespace:operator
subjects:
  - kind: ServiceAccount
    name: rook-csi-cephfs-provisioner-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: Role
  name: cephfs-external-provisioner-cfg
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-csi-provisioner-role-cfg
  namespace: aleph-ns # namespace:operator
subjects:
  - kind: ServiceAccount
    name: rook-csi-rbd-provisioner-sa
    namespace: aleph-ns # namespace:operator
roleRef:
  kind: Role
  name: rbd-external-provisioner-cfg
  apiGroup: rbac.authorization.k8s.io
---
# Source: rook-ceph/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: rook-ceph-operator
  labels:
    operator: rook
    storage-backend: ceph
    app.kubernetes.io/part-of: rook-ceph-operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/created-by: helm
    helm.sh/chart: "rook-ceph-v1.12.3"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: rook-ceph-operator
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: rook-ceph-operator
        helm.sh/chart: "rook-ceph-v1.12.3"
    spec:
      containers:
      - name: rook-ceph-operator
        image: "rook/ceph:v1.12.3"
        imagePullPolicy: IfNotPresent
        args: ["ceph", "operator"]
        securityContext:
          runAsNonRoot: true
          runAsUser: 2016
          runAsGroup: 2016
        volumeMounts:
        - mountPath: /var/lib/rook
          name: rook-config
        - mountPath: /etc/ceph
          name: default-config-dir
        - mountPath: /etc/webhook
          name: webhook-cert
        ports:
          - containerPort: 9443
            name: https-webhook
            protocol: TCP
        env:
        - name: ROOK_CURRENT_NAMESPACE_ONLY
          value: "false"
        - name: ROOK_HOSTPATH_REQUIRES_PRIVILEGED
          value: "false"
        - name: ROOK_DISABLE_DEVICE_HOTPLUG
          value: "false"
        - name: DISCOVER_DAEMON_UDEV_BLACKLIST
          value: ""
        - name: ROOK_ENABLE_DISCOVERY_DAEMON
          value: "false"

        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        resources:
          limits:
            cpu: 500m
            memory: 512Mi
          requests:
            cpu: 100m
            memory: 128Mi
      serviceAccountName: rook-ceph-system
      volumes:
      - name: rook-config
        emptyDir: {}
      - name: default-config-dir
        emptyDir: {}
      - name: webhook-cert
        emptyDir: {}
---
# Source: rook-ceph/templates/securityContextConstraints.yaml
# scc for the Rook and Ceph daemons
# for creating cluster in openshift