--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.16.0 name: clusterresourceplacements.placement.kubernetes-fleet.io spec: group: placement.kubernetes-fleet.io names: categories: - fleet - fleet-placement kind: ClusterResourcePlacement listKind: ClusterResourcePlacementList plural: clusterresourceplacements shortNames: - crp singular: clusterresourceplacement scope: Cluster versions: - additionalPrinterColumns: - jsonPath: .metadata.generation name: Gen type: string - jsonPath: .spec.policy.placementType name: Type priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementScheduled")].status name: Scheduled type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementScheduled")].observedGeneration name: Scheduled-Gen type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementWorkSynchronized")].status name: Work-Synchronized priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementWorkSynchronized")].observedGeneration name: Work-Synchronized-Gen priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementAvailable")].status name: Available type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementAvailable")].observedGeneration name: Available-Gen type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1 schema: openAPIV3Schema: description: |- ClusterResourcePlacement is used to select cluster scoped resources, including built-in resources and custom resources, and placement them onto selected member clusters in a fleet. If a namespace is selected, ALL the resources under the namespace are placed to the target clusters. Note that you can't select the following resources: - reserved namespaces including: default, kube-* (reserved for Kubernetes system namespaces), fleet-* (reserved for fleet system namespaces). - reserved fleet resource types including: MemberCluster, InternalMemberCluster, ClusterResourcePlacement, ClusterSchedulingPolicySnapshot, ClusterResourceSnapshot, ClusterResourceBinding, etc. `ClusterSchedulingPolicySnapshot` and `ClusterResourceSnapshot` objects are created when there are changes in the system to keep the history of the changes affecting a `ClusterResourcePlacement`. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: The desired state of ClusterResourcePlacement. properties: policy: description: |- Policy defines how to select member clusters to place the selected resources. If unspecified, all the joined member clusters are selected. properties: affinity: description: |- Affinity contains cluster affinity scheduling rules. Defines which member clusters to place the selected resources. Only valid if the placement type is "PickAll" or "PickN". properties: clusterAffinity: description: ClusterAffinity contains cluster affinity scheduling rules for the selected resources. properties: preferredDuringSchedulingIgnoredDuringExecution: description: |- The scheduler computes a score for each cluster at schedule time by iterating through the elements of this field and adding "weight" to the sum if the cluster matches the corresponding matchExpression. The scheduler then chooses the first `N` clusters with the highest sum to satisfy the placement. This field is ignored if the placement type is "PickAll". If the cluster score changes at some point after the placement (e.g. due to an update), the system may or may not try to eventually move the resource from a cluster with a lower score to a cluster with higher score. items: properties: preference: description: A cluster selector term, associated with the corresponding weight. properties: labelSelector: description: |- LabelSelector is a label query over all the joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic propertySelector: description: |- PropertySelector is a property query over all joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. At this moment, PropertySelector can only be used with `RequiredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: matchExpressions: description: MatchExpressions is an array of PropertySelectorRequirements. The requirements are AND'd. items: description: |- PropertySelectorRequirement is a specific property requirement when picking clusters for resource placement. properties: name: description: Name is the name of the property; it should be a Kubernetes label name. type: string operator: description: |- Operator specifies the relationship between a cluster's observed value of the specified property and the values given in the requirement. type: string values: description: |- Values are a list of values of the specified property which Fleet will compare against the observed values of individual member clusters in accordance with the given operator. At this moment, each value should be a Kubernetes quantity. For more information, see https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity. If the operator is Gt (greater than), Ge (greater than or equal to), Lt (less than), or `Le` (less than or equal to), Eq (equal to), or Ne (ne), exactly one value must be specified in the list. items: type: string maxItems: 1 type: array required: - name - operator - values type: object type: array required: - matchExpressions type: object propertySorter: description: |- PropertySorter sorts all matching clusters by a specific property and assigns different weights to each cluster based on their observed property values. At this moment, PropertySorter can only be used with `PreferredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: name: description: Name is the name of the property which Fleet sorts clusters by. type: string sortOrder: description: |- SortOrder explains how Fleet should perform the sort; specifically, whether Fleet should sort in ascending or descending order. type: string required: - name - sortOrder type: object type: object weight: description: Weight associated with matching the corresponding clusterSelectorTerm, in the range [-100, 100]. format: int32 maximum: 100 minimum: -100 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at scheduling time, the resource will not be scheduled onto the cluster. If the affinity requirements specified by this field cease to be met at some point after the placement (e.g. due to an update), the system may or may not try to eventually remove the resource from the cluster. properties: clusterSelectorTerms: description: ClusterSelectorTerms is a list of cluster selector terms. The terms are `ORed`. items: properties: labelSelector: description: |- LabelSelector is a label query over all the joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic propertySelector: description: |- PropertySelector is a property query over all joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. At this moment, PropertySelector can only be used with `RequiredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: matchExpressions: description: MatchExpressions is an array of PropertySelectorRequirements. The requirements are AND'd. items: description: |- PropertySelectorRequirement is a specific property requirement when picking clusters for resource placement. properties: name: description: Name is the name of the property; it should be a Kubernetes label name. type: string operator: description: |- Operator specifies the relationship between a cluster's observed value of the specified property and the values given in the requirement. type: string values: description: |- Values are a list of values of the specified property which Fleet will compare against the observed values of individual member clusters in accordance with the given operator. At this moment, each value should be a Kubernetes quantity. For more information, see https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity. If the operator is Gt (greater than), Ge (greater than or equal to), Lt (less than), or `Le` (less than or equal to), Eq (equal to), or Ne (ne), exactly one value must be specified in the list. items: type: string maxItems: 1 type: array required: - name - operator - values type: object type: array required: - matchExpressions type: object propertySorter: description: |- PropertySorter sorts all matching clusters by a specific property and assigns different weights to each cluster based on their observed property values. At this moment, PropertySorter can only be used with `PreferredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: name: description: Name is the name of the property which Fleet sorts clusters by. type: string sortOrder: description: |- SortOrder explains how Fleet should perform the sort; specifically, whether Fleet should sort in ascending or descending order. type: string required: - name - sortOrder type: object type: object maxItems: 10 type: array required: - clusterSelectorTerms type: object type: object type: object clusterNames: description: |- ClusterNames contains a list of names of MemberCluster to place the selected resources. Only valid if the placement type is "PickFixed" items: type: string maxItems: 100 type: array numberOfClusters: description: NumberOfClusters of placement. Only valid if the placement type is "PickN". format: int32 minimum: 0 type: integer placementType: default: PickAll description: Type of placement. Can be "PickAll", "PickN" or "PickFixed". Default is PickAll. enum: - PickAll - PickN - PickFixed type: string tolerations: description: |- If specified, the ClusterResourcePlacement's Tolerations. Tolerations cannot be updated or deleted. This field is beta-level and is for the taints and tolerations feature. items: description: |- Toleration allows ClusterResourcePlacement to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, only allowed value is NoSchedule. enum: - NoSchedule type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: default: Equal description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ClusterResourcePlacement can tolerate all taints of a particular category. enum: - Equal - Exists type: string value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object maxItems: 100 type: array topologySpreadConstraints: description: |- TopologySpreadConstraints describes how a group of resources ought to spread across multiple topology domains. Scheduler will schedule resources in a way which abides by the constraints. All topologySpreadConstraints are ANDed. Only valid if the placement type is "PickN". items: description: TopologySpreadConstraint specifies how to spread resources among the given cluster topology. properties: maxSkew: default: 1 description: |- MaxSkew describes the degree to which resources may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of resource copies in the target topology and the global minimum. The global minimum is the minimum number of resource copies in a domain. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's an optional field. Default value is 1 and 0 is not allowed. format: int32 minimum: 1 type: integer topologyKey: description: |- TopologyKey is the key of cluster labels. Clusters that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of replicas of the resource into each bucket honor the `MaxSkew` value. It's a required field. type: string whenUnsatisfiable: description: |- WhenUnsatisfiable indicates how to deal with the resource if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the resource in any cluster, but giving higher precedence to topologies that would help reduce the skew. It's an optional field. type: string required: - topologyKey type: object type: array type: object resourceSelectors: description: |- ResourceSelectors is an array of selectors used to select cluster scoped resources. The selectors are `ORed`. You can have 1-100 selectors. items: description: |- ClusterResourceSelector is used to select cluster scoped resources as the target resources to be placed. If a namespace is selected, ALL the resources under the namespace are selected automatically. All the fields are `ANDed`. In other words, a resource must match all the fields to be selected. properties: group: description: |- Group name of the cluster-scoped resource. Use an empty string to select resources under the core API group (e.g., namespaces). type: string kind: description: |- Kind of the cluster-scoped resource. Note: When `Kind` is `namespace`, ALL the resources under the selected namespaces are selected. type: string labelSelector: description: |- A label query over all the cluster-scoped resources. Resources matching the query are selected. Note that namespace-scoped resources can't be selected even if they match the query. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic name: description: Name of the cluster-scoped resource. type: string version: description: Version of the cluster-scoped resource. type: string required: - group - kind - version type: object maxItems: 100 minItems: 1 type: array revisionHistoryLimit: default: 10 description: |- The number of old ClusterSchedulingPolicySnapshot or ClusterResourceSnapshot resources to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10. format: int32 maximum: 1000 minimum: 1 type: integer strategy: description: The rollout strategy to use to replace existing placement with new ones. properties: applyStrategy: description: |- ApplyStrategy describes how to resolve the conflict if the resource to be placed already exists in the target cluster and is owned by other appliers. This field is a beta-level feature. properties: allowCoOwnership: description: |- AllowCoOwnership defines whether to apply the resource if it already exists in the target cluster and is not solely owned by fleet (i.e., metadata.ownerReferences contains only fleet custom resources). If true, apply the resource and add fleet as a co-owner. If false, leave the resource unchanged and fail the apply. type: boolean serverSideApplyConfig: description: ServerSideApplyConfig defines the configuration for server side apply. It is honored only when type is ServerSideApply. properties: force: description: |- Force represents to force apply to succeed when resolving the conflicts For any conflicting fields, - If true, use the values from the resource to be applied to overwrite the values of the existing resource in the target cluster, as well as take over ownership of such fields. - If false, apply will fail with the reason ApplyConflictWithOtherApplier. For non-conflicting fields, values stay unchanged and ownership are shared between appliers. type: boolean type: object type: default: ClientSideApply description: |- Type defines the type of strategy to use. Default to ClientSideApply. Server-side apply is a safer choice. Read more about the differences between server-side apply and client-side apply: https://kubernetes.io/docs/reference/using-api/server-side-apply/#comparison-with-client-side-apply. enum: - ClientSideApply - ServerSideApply type: string type: object rollingUpdate: description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string default: 25% description: |- The maximum number of clusters that can be scheduled above the desired number of clusters. The desired number equals to the `NumberOfClusters` field when the placement type is `PickN`. The desired number equals to the number of clusters scheduler selected when the placement type is `PickAll`. Value can be an absolute number (ex: 5) or a percentage of desire (ex: 10%). Absolute number is calculated from percentage by rounding up. This does not apply to the case that we do in-place update of resources on the same cluster. This can not be 0 if MaxUnavailable is 0. Defaults to 25%. pattern: ^((100|[0-9]{1,2})%|[0-9]+)$ x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string default: 25% description: |- The maximum number of clusters that can be unavailable during the rolling update comparing to the desired number of clusters. The desired number equals to the `NumberOfClusters` field when the placement type is `PickN`. The desired number equals to the number of clusters scheduler selected when the placement type is `PickAll`. Value can be an absolute number (ex: 5) or a percentage of the desired number of clusters (ex: 10%). Absolute number is calculated from percentage by rounding up. We consider a resource unavailable when we either remove it from a cluster or in-place upgrade the resources content on the same cluster. The minimum of MaxUnavailable is 0 to allow no downtime moving a placement from one cluster to another. Please set it to be greater than 0 to avoid rolling out stuck during in-place resource update. Defaults to 25%. pattern: ^((100|[0-9]{1,2})%|[0-9]+)$ x-kubernetes-int-or-string: true unavailablePeriodSeconds: default: 60 description: |- UnavailablePeriodSeconds is used to configure the waiting time between rollout phases when we cannot determine if the resources have rolled out successfully or not. We have a built-in resource state detector to determine the availability status of following well-known Kubernetes native resources: Deployment, StatefulSet, DaemonSet, Service, Namespace, ConfigMap, Secret, ClusterRole, ClusterRoleBinding, Role, RoleBinding. Please see [SafeRollout](https://github.com/Azure/fleet/tree/main/docs/concepts/SafeRollout/README.md) for more details. For other types of resources, we consider them as available after `UnavailablePeriodSeconds` seconds have passed since they were successfully applied to the target cluster. Default is 60. type: integer type: object type: default: RollingUpdate description: Type of rollout. The only supported type is "RollingUpdate". Default is "RollingUpdate". enum: - RollingUpdate type: string type: object required: - resourceSelectors type: object status: description: The observed status of ClusterResourcePlacement. properties: conditions: description: Conditions is an array of current observed conditions for ClusterResourcePlacement. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map observedResourceIndex: description: |- Resource index logically represents the generation of the selected resources. We take a new snapshot of the selected resources whenever the selection or their content change. Each snapshot has a different resource index. One resource snapshot can contain multiple clusterResourceSnapshots CRs in order to store large amount of resources. To get clusterResourceSnapshot of a given resource index, use the following command: `kubectl get ClusterResourceSnapshot --selector=kubernetes-fleet.io/resource-index=$ObservedResourceIndex ` ObservedResourceIndex is the resource index that the conditions in the ClusterResourcePlacementStatus observe. For example, a condition of `ClusterResourcePlacementWorkSynchronized` type is observing the synchronization status of the resource snapshot with the resource index $ObservedResourceIndex. type: string placementStatuses: description: |- PlacementStatuses contains a list of placement status on the clusters that are selected by PlacementPolicy. Each selected cluster according to the latest resource placement is guaranteed to have a corresponding placementStatuses. In the pickN case, there are N placement statuses where N = NumberOfClusters; Or in the pickFixed case, there are N placement statuses where N = ClusterNames. In these cases, some of them may not have assigned clusters when we cannot fill the required number of clusters. items: description: ResourcePlacementStatus represents the placement status of selected resources for one target cluster. properties: applicableClusterResourceOverrides: description: |- ApplicableClusterResourceOverrides contains a list of applicable ClusterResourceOverride snapshots associated with the selected resources. This field is alpha-level and is for the override policy feature. items: type: string type: array applicableResourceOverrides: description: |- ApplicableResourceOverrides contains a list of applicable ResourceOverride snapshots associated with the selected resources. This field is alpha-level and is for the override policy feature. items: description: NamespacedName comprises a resource name, with a mandatory namespace. properties: name: description: Name is the name of the namespaced scope resource. type: string namespace: description: Namespace is namespace of the namespaced scope resource. type: string required: - name - namespace type: object type: array clusterName: description: |- ClusterName is the name of the cluster this resource is assigned to. If it is not empty, its value should be unique cross all placement decisions for the Placement. type: string conditions: description: Conditions is an array of current observed conditions for ResourcePlacementStatus. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array failedPlacements: description: |- FailedPlacements is a list of all the resources failed to be placed to the given cluster or the resource is unavailable. Note that we only include 100 failed resource placements even if there are more than 100. This field is only meaningful if the `ClusterName` is not empty. items: description: FailedResourcePlacement contains the failure details of a failed resource placement. properties: condition: description: The failed condition status. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string version: description: Version is the version of the selected resource. type: string required: - condition - kind - name - version type: object maxItems: 100 type: array type: object type: array selectedResources: description: SelectedResources contains a list of resources selected by ResourceSelectors. items: description: ResourceIdentifier identifies one Kubernetes resource. properties: envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string version: description: Version is the version of the selected resource. type: string required: - kind - name - version type: object type: array type: object required: - spec type: object served: true storage: false subresources: status: {} - additionalPrinterColumns: - jsonPath: .metadata.generation name: Gen type: string - jsonPath: .spec.policy.placementType name: Type priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementScheduled")].status name: Scheduled type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementScheduled")].observedGeneration name: Scheduled-Gen type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementWorkSynchronized")].status name: Work-Synchronized priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementWorkSynchronized")].observedGeneration name: Work-Synchronized-Gen priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementAvailable")].status name: Available type: string - jsonPath: .status.conditions[?(@.type=="ClusterResourcePlacementAvailable")].observedGeneration name: Available-Gen type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1beta1 schema: openAPIV3Schema: description: |- ClusterResourcePlacement is used to select cluster scoped resources, including built-in resources and custom resources, and placement them onto selected member clusters in a fleet. If a namespace is selected, ALL the resources under the namespace are placed to the target clusters. Note that you can't select the following resources: - reserved namespaces including: default, kube-* (reserved for Kubernetes system namespaces), fleet-* (reserved for fleet system namespaces). - reserved fleet resource types including: MemberCluster, InternalMemberCluster, ClusterResourcePlacement, ClusterSchedulingPolicySnapshot, ClusterResourceSnapshot, ClusterResourceBinding, etc. `ClusterSchedulingPolicySnapshot` and `ClusterResourceSnapshot` objects are created when there are changes in the system to keep the history of the changes affecting a `ClusterResourcePlacement`. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: The desired state of ClusterResourcePlacement. properties: policy: description: |- Policy defines how to select member clusters to place the selected resources. If unspecified, all the joined member clusters are selected. properties: affinity: description: |- Affinity contains cluster affinity scheduling rules. Defines which member clusters to place the selected resources. Only valid if the placement type is "PickAll" or "PickN". properties: clusterAffinity: description: ClusterAffinity contains cluster affinity scheduling rules for the selected resources. properties: preferredDuringSchedulingIgnoredDuringExecution: description: |- The scheduler computes a score for each cluster at schedule time by iterating through the elements of this field and adding "weight" to the sum if the cluster matches the corresponding matchExpression. The scheduler then chooses the first `N` clusters with the highest sum to satisfy the placement. This field is ignored if the placement type is "PickAll". If the cluster score changes at some point after the placement (e.g. due to an update), the system may or may not try to eventually move the resource from a cluster with a lower score to a cluster with higher score. items: properties: preference: description: A cluster selector term, associated with the corresponding weight. properties: labelSelector: description: |- LabelSelector is a label query over all the joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic propertySelector: description: |- PropertySelector is a property query over all joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. At this moment, PropertySelector can only be used with `RequiredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: matchExpressions: description: MatchExpressions is an array of PropertySelectorRequirements. The requirements are AND'd. items: description: |- PropertySelectorRequirement is a specific property requirement when picking clusters for resource placement. properties: name: description: Name is the name of the property; it should be a Kubernetes label name. type: string operator: description: |- Operator specifies the relationship between a cluster's observed value of the specified property and the values given in the requirement. type: string values: description: |- Values are a list of values of the specified property which Fleet will compare against the observed values of individual member clusters in accordance with the given operator. At this moment, each value should be a Kubernetes quantity. For more information, see https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity. If the operator is Gt (greater than), Ge (greater than or equal to), Lt (less than), or `Le` (less than or equal to), Eq (equal to), or Ne (ne), exactly one value must be specified in the list. items: type: string maxItems: 1 type: array required: - name - operator - values type: object type: array required: - matchExpressions type: object propertySorter: description: |- PropertySorter sorts all matching clusters by a specific property and assigns different weights to each cluster based on their observed property values. At this moment, PropertySorter can only be used with `PreferredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: name: description: Name is the name of the property which Fleet sorts clusters by. type: string sortOrder: description: |- SortOrder explains how Fleet should perform the sort; specifically, whether Fleet should sort in ascending or descending order. type: string required: - name - sortOrder type: object type: object weight: description: Weight associated with matching the corresponding clusterSelectorTerm, in the range [-100, 100]. format: int32 maximum: 100 minimum: -100 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at scheduling time, the resource will not be scheduled onto the cluster. If the affinity requirements specified by this field cease to be met at some point after the placement (e.g. due to an update), the system may or may not try to eventually remove the resource from the cluster. properties: clusterSelectorTerms: description: ClusterSelectorTerms is a list of cluster selector terms. The terms are `ORed`. items: properties: labelSelector: description: |- LabelSelector is a label query over all the joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic propertySelector: description: |- PropertySelector is a property query over all joined member clusters. Clusters matching the query are selected. If you specify both label and property selectors in the same term, the results are AND'd. At this moment, PropertySelector can only be used with `RequiredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: matchExpressions: description: MatchExpressions is an array of PropertySelectorRequirements. The requirements are AND'd. items: description: |- PropertySelectorRequirement is a specific property requirement when picking clusters for resource placement. properties: name: description: Name is the name of the property; it should be a Kubernetes label name. type: string operator: description: |- Operator specifies the relationship between a cluster's observed value of the specified property and the values given in the requirement. type: string values: description: |- Values are a list of values of the specified property which Fleet will compare against the observed values of individual member clusters in accordance with the given operator. At this moment, each value should be a Kubernetes quantity. For more information, see https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity. If the operator is Gt (greater than), Ge (greater than or equal to), Lt (less than), or `Le` (less than or equal to), Eq (equal to), or Ne (ne), exactly one value must be specified in the list. items: type: string maxItems: 1 type: array required: - name - operator - values type: object type: array required: - matchExpressions type: object propertySorter: description: |- PropertySorter sorts all matching clusters by a specific property and assigns different weights to each cluster based on their observed property values. At this moment, PropertySorter can only be used with `PreferredDuringSchedulingIgnoredDuringExecution` affinity terms. This field is beta-level; it is for the property-based scheduling feature and is only functional when a property provider is enabled in the deployment. properties: name: description: Name is the name of the property which Fleet sorts clusters by. type: string sortOrder: description: |- SortOrder explains how Fleet should perform the sort; specifically, whether Fleet should sort in ascending or descending order. type: string required: - name - sortOrder type: object type: object maxItems: 10 type: array required: - clusterSelectorTerms type: object type: object type: object clusterNames: description: |- ClusterNames contains a list of names of MemberCluster to place the selected resources. Only valid if the placement type is "PickFixed" items: type: string maxItems: 100 type: array numberOfClusters: description: NumberOfClusters of placement. Only valid if the placement type is "PickN". format: int32 minimum: 0 type: integer placementType: default: PickAll description: Type of placement. Can be "PickAll", "PickN" or "PickFixed". Default is PickAll. enum: - PickAll - PickN - PickFixed type: string tolerations: description: |- If specified, the ClusterResourcePlacement's Tolerations. Tolerations cannot be updated or deleted. This field is beta-level and is for the taints and tolerations feature. items: description: |- Toleration allows ClusterResourcePlacement to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, only allowed value is NoSchedule. enum: - NoSchedule type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: default: Equal description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ClusterResourcePlacement can tolerate all taints of a particular category. enum: - Equal - Exists type: string value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object maxItems: 100 type: array topologySpreadConstraints: description: |- TopologySpreadConstraints describes how a group of resources ought to spread across multiple topology domains. Scheduler will schedule resources in a way which abides by the constraints. All topologySpreadConstraints are ANDed. Only valid if the placement type is "PickN". items: description: TopologySpreadConstraint specifies how to spread resources among the given cluster topology. properties: maxSkew: default: 1 description: |- MaxSkew describes the degree to which resources may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of resource copies in the target topology and the global minimum. The global minimum is the minimum number of resource copies in a domain. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's an optional field. Default value is 1 and 0 is not allowed. format: int32 minimum: 1 type: integer topologyKey: description: |- TopologyKey is the key of cluster labels. Clusters that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of replicas of the resource into each bucket honor the `MaxSkew` value. It's a required field. type: string whenUnsatisfiable: description: |- WhenUnsatisfiable indicates how to deal with the resource if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the resource in any cluster, but giving higher precedence to topologies that would help reduce the skew. It's an optional field. type: string required: - topologyKey type: object type: array type: object resourceSelectors: description: |- ResourceSelectors is an array of selectors used to select cluster scoped resources. The selectors are `ORed`. You can have 1-100 selectors. items: description: |- ClusterResourceSelector is used to select cluster scoped resources as the target resources to be placed. If a namespace is selected, ALL the resources under the namespace are selected automatically. All the fields are `ANDed`. In other words, a resource must match all the fields to be selected. properties: group: description: |- Group name of the cluster-scoped resource. Use an empty string to select resources under the core API group (e.g., namespaces). type: string kind: description: |- Kind of the cluster-scoped resource. Note: When `Kind` is `namespace`, ALL the resources under the selected namespaces are selected. type: string labelSelector: description: |- A label query over all the cluster-scoped resources. Resources matching the query are selected. Note that namespace-scoped resources can't be selected even if they match the query. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic name: description: Name of the cluster-scoped resource. type: string version: description: Version of the cluster-scoped resource. type: string required: - group - kind - version type: object maxItems: 100 minItems: 1 type: array revisionHistoryLimit: default: 10 description: |- The number of old ClusterSchedulingPolicySnapshot or ClusterResourceSnapshot resources to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10. format: int32 maximum: 1000 minimum: 1 type: integer strategy: description: The rollout strategy to use to replace existing placement with new ones. properties: applyStrategy: description: ApplyStrategy describes when and how to apply the selected resources to the target cluster. properties: allowCoOwnership: description: |- AllowCoOwnership controls whether co-ownership between Fleet and other agents are allowed on a Fleet-managed resource. If set to false, Fleet will refuse to apply manifests to a resource that has been owned by one or more non-Fleet agents. Note that Fleet does not support the case where one resource is being placed multiple times by different CRPs on the same member cluster. An apply error will be returned if Fleet finds that a resource has been owned by another placement attempt by Fleet, even with the AllowCoOwnership setting set to true. type: boolean comparisonOption: default: PartialComparison description: |- ComparisonOption controls how Fleet compares the desired state of a resource, as kept in a hub cluster manifest, with the current state of the resource (if applicable) in the member cluster. Available options are: * PartialComparison: with this option, Fleet will compare only fields that are managed by Fleet, i.e., the fields that are specified explicitly in the hub cluster manifest. Unmanaged fields are ignored. This is the default option. * FullComparison: with this option, Fleet will compare all fields of the resource, even if the fields are absent from the hub cluster manifest. Consider using the PartialComparison option if you would like to: * use the default values for certain fields; or * let another agent, e.g., HPAs, VPAs, etc., on the member cluster side manage some fields; or * allow ad-hoc or cluster-specific settings on the member cluster side. To use the FullComparison option, it is recommended that you: * specify all fields as appropriate in the hub cluster, even if you are OK with using default values; * make sure that no fields are managed by agents other than Fleet on the member cluster side, such as HPAs, VPAs, or other controllers. See the Fleet documentation for further explanations and usage examples. enum: - PartialComparison - FullComparison type: string serverSideApplyConfig: description: ServerSideApplyConfig defines the configuration for server side apply. It is honored only when type is ServerSideApply. properties: force: description: |- Force represents to force apply to succeed when resolving the conflicts For any conflicting fields, - If true, use the values from the resource to be applied to overwrite the values of the existing resource in the target cluster, as well as take over ownership of such fields. - If false, apply will fail with the reason ApplyConflictWithOtherApplier. For non-conflicting fields, values stay unchanged and ownership are shared between appliers. type: boolean type: object type: default: ClientSideApply description: |- Type is the apply strategy to use; it determines how Fleet applies manifests from the hub cluster to a member cluster. Available options are: * ClientSideApply: Fleet uses three-way merge to apply manifests, similar to how kubectl performs a client-side apply. This is the default option. Note that this strategy requires that Fleet keep the last applied configuration in the annotation of an applied resource. If the object gets so large that apply ops can no longer be executed, Fleet will switch to server-side apply. Use ComparisonOption and WhenToApply settings to control when an apply op can be executed. * ServerSideApply: Fleet uses server-side apply to apply manifests; Fleet itself will become the field manager for specified fields in the manifests. Specify ServerSideApplyConfig as appropriate if you would like Fleet to take over field ownership upon conflicts. This is the recommended option for most scenarios; it might help reduce object size and safely resolve conflicts between field values. For more information, please refer to the Kubernetes documentation (https://kubernetes.io/docs/reference/using-api/server-side-apply/#comparison-with-client-side-apply). Use ComparisonOption and WhenToApply settings to control when an apply op can be executed. * ReportDiff: Fleet will compare the desired state of a resource as kept in the hub cluster with its current state (if applicable) on the member cluster side, and report any differences. No actual apply ops would be executed, and resources will be left alone as they are on the member clusters. If configuration differences are found on a resource, Fleet will consider this as an apply error, which might block rollout depending on the specified rollout strategy. Use ComparisonOption setting to control how the difference is calculated. ClientSideApply and ServerSideApply apply strategies only work when Fleet can assume ownership of a resource (e.g., the resource is created by Fleet, or Fleet has taken over the resource). See the comments on the WhenToTakeOver field for more information. ReportDiff apply strategy, however, will function regardless of Fleet's ownership status. One may set up a CRP with the ReportDiff strategy and the Never takeover option, and this will turn Fleet into a detection tool that reports only configuration differences but do not touch any resources on the member cluster side. For a comparison between the different strategies and usage examples, refer to the Fleet documentation. enum: - ClientSideApply - ServerSideApply - ReportDiff type: string whenToApply: default: Always description: |- WhenToApply controls when Fleet would apply the manifests on the hub cluster to the member clusters. Available options are: * Always: with this option, Fleet will periodically apply hub cluster manifests on the member cluster side; this will effectively overwrite any change in the fields managed by Fleet (i.e., specified in the hub cluster manifest). This is the default option. Note that this option would revert any ad-hoc changes made on the member cluster side in the managed fields; if you would like to make temporary edits on the member cluster side in the managed fields, switch to IfNotDrifted option. Note that changes in unmanaged fields will be left alone; if you use the FullDiff compare option, such changes will be reported as drifts. * IfNotDrifted: with this option, Fleet will stop applying hub cluster manifests on clusters that have drifted from the desired state; apply ops would still continue on the rest of the clusters. Drifts are calculated using the ComparisonOption, as explained in the corresponding field. Use this option if you would like Fleet to detect drifts in your multi-cluster setup. A drift occurs when an agent makes an ad-hoc change on the member cluster side that makes affected resources deviate from its desired state as kept in the hub cluster; and this option grants you an opportunity to view the drift details and take actions accordingly. The drift details will be reported in the CRP status. To fix a drift, you may: * revert the changes manually on the member cluster side * update the hub cluster manifest; this will trigger Fleet to apply the latest revision of the manifests, which will overwrite the drifted fields (if they are managed by Fleet) * switch to the Always option; this will trigger Fleet to apply the current revision of the manifests, which will overwrite the drifted fields (if they are managed by Fleet). * if applicable and necessary, delete the drifted resources on the member cluster side; Fleet will attempt to re-create them using the hub cluster manifests enum: - Always - IfNotDrifted type: string whenToTakeOver: default: Always description: |- WhenToTakeOver determines the action to take when Fleet applies resources to a member cluster for the first time and finds out that the resource already exists in the cluster. This setting is most relevant in cases where you would like Fleet to manage pre-existing resources on a member cluster. Available options include: * Always: with this action, Fleet will apply the hub cluster manifests to the member clusters even if the affected resources already exist. This is the default action. Note that this might lead to fields being overwritten on the member clusters, if they are specified in the hub cluster manifests. * IfNoDiff: with this action, Fleet will apply the hub cluster manifests to the member clusters if (and only if) pre-existing resources look the same as the hub cluster manifests. This is a safer option as pre-existing resources that are inconsistent with the hub cluster manifests will not be overwritten; Fleet will ignore them until the inconsistencies are resolved properly: any change you make to the hub cluster manifests would not be applied, and if you delete the manifests or even the ClusterResourcePlacement itself from the hub cluster, these pre-existing resources would not be taken away. Fleet will check for inconsistencies in accordance with the ComparisonOption setting. See also the comments on the ComparisonOption field for more information. If a diff has been found in a field that is **managed** by Fleet (i.e., the field **is specified ** in the hub cluster manifest), consider one of the following actions: * set the field in the member cluster to be of the same value as that in the hub cluster manifest. * update the hub cluster manifest so that its field value matches with that in the member cluster. * switch to the Always action, which will allow Fleet to overwrite the field with the value in the hub cluster manifest. If a diff has been found in a field that is **not managed** by Fleet (i.e., the field **is not specified** in the hub cluster manifest), consider one of the following actions: * remove the field from the member cluster. * update the hub cluster manifest so that the field is included in the hub cluster manifest. If appropriate, you may also delete the object from the member cluster; Fleet will recreate it using the hub cluster manifest. * Never: with this action, Fleet will not apply a hub cluster manifest to the member clusters if there is a corresponding pre-existing resource. However, if a manifest has never been applied yet; or it has a corresponding resource which Fleet has assumed ownership, apply op will still be executed. This is the safest option; one will have to remove the pre-existing resources (so that Fleet can re-create them) or switch to a different WhenToTakeOver option before Fleet starts processing the corresponding hub cluster manifests. If you prefer Fleet stop processing all manifests, use this option along with the ReportDiff apply strategy type. This setup would instruct Fleet to touch nothing on the member cluster side but still report configuration differences between the hub cluster and member clusters. Fleet will not give up ownership that it has already assumed though. enum: - Always - IfNoDiff - Never type: string type: object rollingUpdate: description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. properties: maxSurge: anyOf: - type: integer - type: string default: 25% description: |- The maximum number of clusters that can be scheduled above the desired number of clusters. The desired number equals to the `NumberOfClusters` field when the placement type is `PickN`. The desired number equals to the number of clusters scheduler selected when the placement type is `PickAll`. Value can be an absolute number (ex: 5) or a percentage of desire (ex: 10%). Absolute number is calculated from percentage by rounding up. This does not apply to the case that we do in-place update of resources on the same cluster. This can not be 0 if MaxUnavailable is 0. Defaults to 25%. pattern: ^((100|[0-9]{1,2})%|[0-9]+)$ x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string default: 25% description: |- The maximum number of clusters that can be unavailable during the rolling update comparing to the desired number of clusters. The desired number equals to the `NumberOfClusters` field when the placement type is `PickN`. The desired number equals to the number of clusters scheduler selected when the placement type is `PickAll`. Value can be an absolute number (ex: 5) or a percentage of the desired number of clusters (ex: 10%). Absolute number is calculated from percentage by rounding up. We consider a resource unavailable when we either remove it from a cluster or in-place upgrade the resources content on the same cluster. The minimum of MaxUnavailable is 0 to allow no downtime moving a placement from one cluster to another. Please set it to be greater than 0 to avoid rolling out stuck during in-place resource update. Defaults to 25%. pattern: ^((100|[0-9]{1,2})%|[0-9]+)$ x-kubernetes-int-or-string: true unavailablePeriodSeconds: default: 60 description: |- UnavailablePeriodSeconds is used to configure the waiting time between rollout phases when we cannot determine if the resources have rolled out successfully or not. We have a built-in resource state detector to determine the availability status of following well-known Kubernetes native resources: Deployment, StatefulSet, DaemonSet, Service, Namespace, ConfigMap, Secret, ClusterRole, ClusterRoleBinding, Role, RoleBinding. Please see [SafeRollout](https://github.com/Azure/fleet/tree/main/docs/concepts/SafeRollout/README.md) for more details. For other types of resources, we consider them as available after `UnavailablePeriodSeconds` seconds have passed since they were successfully applied to the target cluster. Default is 60. type: integer type: object type: default: RollingUpdate description: |- Type of rollout. The only supported types are "RollingUpdate" and "External". Default is "RollingUpdate". enum: - RollingUpdate - External type: string type: object required: - resourceSelectors type: object status: description: The observed status of ClusterResourcePlacement. properties: conditions: description: Conditions is an array of current observed conditions for ClusterResourcePlacement. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map observedResourceIndex: description: |- Resource index logically represents the generation of the selected resources. We take a new snapshot of the selected resources whenever the selection or their content change. Each snapshot has a different resource index. One resource snapshot can contain multiple clusterResourceSnapshots CRs in order to store large amount of resources. To get clusterResourceSnapshot of a given resource index, use the following command: `kubectl get ClusterResourceSnapshot --selector=kubernetes-fleet.io/resource-index=$ObservedResourceIndex ` ObservedResourceIndex is the resource index that the conditions in the ClusterResourcePlacementStatus observe. For example, a condition of `ClusterResourcePlacementWorkSynchronized` type is observing the synchronization status of the resource snapshot with the resource index $ObservedResourceIndex. type: string placementStatuses: description: |- PlacementStatuses contains a list of placement status on the clusters that are selected by PlacementPolicy. Each selected cluster according to the latest resource placement is guaranteed to have a corresponding placementStatuses. In the pickN case, there are N placement statuses where N = NumberOfClusters; Or in the pickFixed case, there are N placement statuses where N = ClusterNames. In these cases, some of them may not have assigned clusters when we cannot fill the required number of clusters. items: description: ResourcePlacementStatus represents the placement status of selected resources for one target cluster. properties: applicableClusterResourceOverrides: description: |- ApplicableClusterResourceOverrides contains a list of applicable ClusterResourceOverride snapshots associated with the selected resources. This field is alpha-level and is for the override policy feature. items: type: string type: array applicableResourceOverrides: description: |- ApplicableResourceOverrides contains a list of applicable ResourceOverride snapshots associated with the selected resources. This field is alpha-level and is for the override policy feature. items: description: NamespacedName comprises a resource name, with a mandatory namespace. properties: name: description: Name is the name of the namespaced scope resource. type: string namespace: description: Namespace is namespace of the namespaced scope resource. type: string required: - name - namespace type: object type: array clusterName: description: |- ClusterName is the name of the cluster this resource is assigned to. If it is not empty, its value should be unique cross all placement decisions for the Placement. type: string conditions: description: Conditions is an array of current observed conditions for ResourcePlacementStatus. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array diffedPlacements: description: |- DiffedPlacements is a list of resources that have configuration differences from their corresponding hub cluster manifests. Fleet will report such differences when: * The CRP uses the ReportDiff apply strategy, which instructs Fleet to compare the hub cluster manifests against the live resources without actually performing any apply op; or * Fleet finds a pre-existing resource on the member cluster side that does not match its hub cluster counterpart, and the CRP has been configured to only take over a resource if no configuration differences are found. To control the object size, only the first 100 diffed resources will be included. This field is only meaningful if the `ClusterName` is not empty. items: description: DiffedResourcePlacement contains the details of a resource with configuration differences. properties: envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object firstDiffedObservedTime: description: |- FirstDiffedObservedTime is the first time the resource on the target cluster is observed to have configuration differences. format: date-time type: string group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string observationTime: description: ObservationTime is the time when we observe the configuration differences for the resource. format: date-time type: string observedDiffs: description: |- ObservedDiffs are the details about the found configuration differences. Note that Fleet might truncate the details as appropriate to control the object size. Each detail entry specifies how the live state (the state on the member cluster side) compares against the desired state (the state kept in the hub cluster manifest). An event about the details will be emitted as well. items: description: |- PatchDetail describes a patch that explains an observed configuration drift or difference. A patch detail can be transcribed as a JSON patch operation, as specified in RFC 6902. properties: path: description: The JSON path that points to a field that has drifted or has configuration differences. type: string valueInHub: description: |- The value at the JSON path from the hub cluster side. This field can be empty if the JSON path does not exist on the hub cluster side; i.e., applying the manifest from the hub cluster side would remove the field. type: string valueInMember: description: |- The value at the JSON path from the member cluster side. This field can be empty if the JSON path does not exist on the member cluster side; i.e., applying the manifest from the hub cluster side would add a new field. type: string required: - path type: object type: array targetClusterObservedGeneration: description: |- TargetClusterObservedGeneration is the generation of the resource on the target cluster that contains the configuration differences. This might be nil if the resource has not been created yet on the target cluster. format: int64 type: integer version: description: Version is the version of the selected resource. type: string required: - firstDiffedObservedTime - kind - name - observationTime - version type: object maxItems: 100 type: array driftedPlacements: description: |- DriftedPlacements is a list of resources that have drifted from their desired states kept in the hub cluster, as found by Fleet using the drift detection mechanism. To control the object size, only the first 100 drifted resources will be included. This field is only meaningful if the `ClusterName` is not empty. items: description: DriftedResourcePlacement contains the details of a resource with configuration drifts. properties: envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object firstDriftedObservedTime: description: |- FirstDriftedObservedTime is the first time the resource on the target cluster is observed to have configuration drifts. format: date-time type: string group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string observationTime: description: ObservationTime is the time when we observe the configuration drifts for the resource. format: date-time type: string observedDrifts: description: |- ObservedDrifts are the details about the found configuration drifts. Note that Fleet might truncate the details as appropriate to control the object size. Each detail entry specifies how the live state (the state on the member cluster side) compares against the desired state (the state kept in the hub cluster manifest). An event about the details will be emitted as well. items: description: |- PatchDetail describes a patch that explains an observed configuration drift or difference. A patch detail can be transcribed as a JSON patch operation, as specified in RFC 6902. properties: path: description: The JSON path that points to a field that has drifted or has configuration differences. type: string valueInHub: description: |- The value at the JSON path from the hub cluster side. This field can be empty if the JSON path does not exist on the hub cluster side; i.e., applying the manifest from the hub cluster side would remove the field. type: string valueInMember: description: |- The value at the JSON path from the member cluster side. This field can be empty if the JSON path does not exist on the member cluster side; i.e., applying the manifest from the hub cluster side would add a new field. type: string required: - path type: object type: array targetClusterObservedGeneration: description: |- TargetClusterObservedGeneration is the generation of the resource on the target cluster that contains the configuration drifts. format: int64 type: integer version: description: Version is the version of the selected resource. type: string required: - firstDriftedObservedTime - kind - name - observationTime - targetClusterObservedGeneration - version type: object maxItems: 100 type: array failedPlacements: description: |- FailedPlacements is a list of all the resources failed to be placed to the given cluster or the resource is unavailable. Note that we only include 100 failed resource placements even if there are more than 100. This field is only meaningful if the `ClusterName` is not empty. items: description: FailedResourcePlacement contains the failure details of a failed resource placement. properties: condition: description: The failed condition status. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string version: description: Version is the version of the selected resource. type: string required: - condition - kind - name - version type: object maxItems: 100 type: array type: object type: array selectedResources: description: SelectedResources contains a list of resources selected by ResourceSelectors. items: description: ResourceIdentifier identifies one Kubernetes resource. properties: envelope: description: Envelope identifies the envelope object that contains this resource. properties: name: description: Name of the envelope object. type: string namespace: description: Namespace is the namespace of the envelope object. Empty if the envelope object is cluster scoped. type: string type: default: ConfigMap description: Type of the envelope object. enum: - ConfigMap type: string required: - name type: object group: description: Group is the group name of the selected resource. type: string kind: description: Kind represents the Kind of the selected resources. type: string name: description: Name of the target resource. type: string namespace: description: Namespace is the namespace of the resource. Empty if the resource is cluster scoped. type: string version: description: Version is the version of the selected resource. type: string required: - kind - name - version type: object type: array type: object required: - spec type: object served: true storage: true subresources: status: {}