云原生|kubernetes|kubernetes资源备份和集群迁移神器velero的部署和使用

前言:

kubernetes集群需要灾备吗?kubernetes需要迁移吗? 答案肯定是需要的

那么,如何做kubernetes灾备和迁移呢?当然了,有很多的方法,例如,自己编写shell脚本,或者使用专业的灾备工具,但shell编写复杂,也可能会有所遗漏,对比其它的kubernetes专业备份软件,很多备份条件苛刻,安装部署困难,或者恢复只能一把梭,也就是备份和恢复不太灵活的那种样子,比如,Kasten K10 就部署比较麻烦(过于重),备份也不太灵光的样子。

velero 这个备份工具比较好,优点有 部署简单,快速,备份范围可定制,例如只备份deployment这样的资源,只备份某个namespace等等,也就是备份范围灵活,可控,恢复速度也是很快的,在kubernetes集群迁移方面也是基本没有缺点,只是在安全性方面可能不是特别的确定,因为velero主要是基于对象存储插件来备份的,一般是obs,oss或者minio,而这些面向对象存储的安全性无法确定的保障,关键的是该软件是go语言编写的,天生和kubernetes这样的云原生对味。

下面本文将就velero的部署和基本使用做一个介绍。

一,

示例环境介绍

VMware虚拟机,四台服务器,IP地址分别是192.168.123.11,192.168.123.12,192.168.123.13,192.168.123.14  操作系统是centos-7.5 ,内核版本是3.10, kubernetes集群是通过kubekey部署的,版本是1.23.16, 三个master节点,一个工作节点:

下面是环境详情:

[root@node4 nginx-app]# k get no
NAME    STATUS   ROLES                  AGE    VERSION
node1   Ready    control-plane,master   160d   v1.23.16
node2   Ready    control-plane,master   160d   v1.23.16
node3   Ready    control-plane,master   160d   v1.23.16
node4   Ready    worker                 160d   v1.23.16
[root@node4 nginx-app]# cat /etc/redhat-release 
CentOS Linux release 7.7.1908 (Core)[root@node4 nginx-app]# uname -a
Linux node4 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux[root@node4 nginx-app]# k top no
NAME    CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
node1   162m         4%     3131Mi          96%       
node2   136m         3%     2958Mi          90%       
node3   132m         3%     3047Mi          93%       
node4   104m         2%     1609Mi          49%   
[root@node4 nginx-app]# k get po -A -owide
NAMESPACE     NAME                                       READY   STATUS    RESTARTS         AGE     IP               NODE    NOMINATED NODE   READINESS GATES
kube-system   calico-kube-controllers-84897d7cdf-crnmk   1/1     Running   1 (15h ago)      18h     10.244.32.17     node2   <none>           <none>
kube-system   calico-node-2m7hp                          1/1     Running   15 (13d ago)     160d    192.168.123.11   node1   <none>           <none>
kube-system   calico-node-5ztjk                          1/1     Running   8 (18h ago)      160d    192.168.123.14   node4   <none>           <none>
kube-system   calico-node-96dmb                          1/1     Running   9 (39d ago)      160d    192.168.123.13   node3   <none>           <none>
kube-system   calico-node-rqp2p                          1/1     Running   213 (15h ago)    160d    192.168.123.12   node2   <none>           <none>
kube-system   coredns-b7c47bcdc-6vdk2                    1/1     Running   0                39d     10.244.26.10     node1   <none>           <none>
kube-system   coredns-b7c47bcdc-db9cp                    1/1     Running   1 (15h ago)      18h     10.244.32.18     node2   <none>           <none>
kube-system   haproxy-node4                              1/1     Running   5 (18h ago)      160d    192.168.123.14   node4   <none>           <none>
kube-system   kube-apiserver-node1                       1/1     Running   161 (104d ago)   160d    192.168.123.11   node1   <none>           <none>
kube-system   kube-apiserver-node2                       1/1     Running   8 (15h ago)      160d    192.168.123.12   node2   <none>           <none>
kube-system   kube-apiserver-node3                       1/1     Running   7 (42h ago)      160d    192.168.123.13   node3   <none>           <none>
kube-system   kube-controller-manager-node1              1/1     Running   12 (43h ago)     160d    192.168.123.11   node1   <none>           <none>
kube-system   kube-controller-manager-node2              1/1     Running   11 (15h ago)     160d    192.168.123.12   node2   <none>           <none>
kube-system   kube-controller-manager-node3              1/1     Running   14 (9h ago)      160d    192.168.123.13   node3   <none>           <none>
kube-system   kube-proxy-649mn                           1/1     Running   5 (18h ago)      160d    192.168.123.14   node4   <none>           <none>
kube-system   kube-proxy-7q7ts                           1/1     Running   6 (39d ago)      160d    192.168.123.13   node3   <none>           <none>
kube-system   kube-proxy-dmd7v                           1/1     Running   8 (15h ago)      160d    192.168.123.12   node2   <none>           <none>
kube-system   kube-proxy-fpb6z                           1/1     Running   5 (104d ago)     160d    192.168.123.11   node1   <none>           <none>
kube-system   kube-scheduler-node1                       1/1     Running   15 (2d20h ago)   160d    192.168.123.11   node1   <none>           <none>
kube-system   kube-scheduler-node2                       1/1     Running   12 (15h ago)     160d    192.168.123.12   node2   <none>           <none>
kube-system   kube-scheduler-node3                       1/1     Running   12 (42h ago)     160d    192.168.123.13   node3   <none>           <none>
kube-system   kube-state-metrics-57794dcf65-rl967        1/1     Running   0                4h38m   10.244.41.62     node4   <none>           <none>
kube-system   metrics-server-5fcc7b68b7-wsrk7            1/1     Running   2 (4h38m ago)    4h38m   10.244.41.63     node4   <none>           <none>
kube-system   nodelocaldns-565pz                         1/1     Running   8 (15h ago)      160d    192.168.123.12   node2   <none>           <none>
kube-system   nodelocaldns-dpwlx                         1/1     Running   6 (39d ago)      160d    192.168.123.13   node3   <none>           <none>
kube-system   nodelocaldns-ndlbw                         1/1     Running   5 (18h ago)      160d    192.168.123.14   node4   <none>           <none>
kube-system   nodelocaldns-r8gjl                         1/1     Running   5 (104d ago)     160d    192.168.123.11   node1   <none>           <none>
velero        nginx-6888c79454-rhgdw                     1/1     Running   0                4h8m    10.244.41.67     node4   <none>           <none>
velero        restic-2wkqs                               1/1     Running   0                4h8m    10.244.32.21     node2   <none>           <none>
velero        restic-kw2wl                               1/1     Running   0                4h8m    10.244.26.13     node1   <none>           <none>
velero        restic-qv6rn                               1/1     Running   0                4h8m    10.244.28.10     node3   <none>           <none>
velero        restic-ssfrg                               1/1     Running   0                4h8m    10.244.41.65     node4   <none>           <none>
velero        velero-fbb9469f6-vf4z5                     1/1     Running   0                4h8m    10.244.41.64     node4   <none>           <none>

二,

velero的强依赖

前面也说了velero需要对象存储插件或者服务,这里可以是oss,obs,minio这样的常用的对象存储,本例既然是做实验,当然不会搞一个云厂商主流的oos,显然部署oos是不现实的嘛,那么,minio还是可以搞一搞的,前两天已经把部署minio分布式集群写过了,在这里就不重复了,见我的博客:

云原生|对象存储|minio分布式集群的搭建和初步使用(可用于生产)-CSDN博客

三,

velero的下载和部署

下载地址:https://github.com/vmware-tanzu/velero/releases?page=4  

本例使用的版本是velero-v1.9.4-linux-amd64.tar.gz

部署:

解压文件后,扔到/usr/bin/目录下即可,确认版本,最好是放置在kubernetes集群的管理节点,因为velero需要使用KUBECONFIG来获取备份所需的信息:

[root@node4 nginx-app]# velero version
Client:Version: v1.9.4Git commit: ddfc962282783cf2f0bf364c9d721f88fa4cc058
Server:Version: v1.9.4

该命令可以像kubelet一样设置自动补全,Linux下的自动补全非常简单,前提是安装bash_complete:

velero completion bash >/etc/bash_completion.d/velero

If you have an alias for velero, you can extend shell completion to work with that alias(如果需要简化命令和自动补全,执行下面的命令即可):

echo 'alias v=velero' >>~/.bashrc
echo 'complete -F __start_velero v' >>~/.bashrc

下面是通过命令生成部署清单文件,一般不建议直接安装,毕竟留一个安装文件也好及时调整修改嘛(--dry-run 然后输出为yaml):

minio的console用户和密码

[root@node4 ~]# cat credentials-velero 
[default]
aws_access_key_id=minioadmin
aws_secret_access_key=minioadmin

 需要注意,kubernetes集群的版本必须是1.16及以上,如果是使用minio,下面的命令不需要更改,s3url根据实际情况填写,minio登录web管理界面,创建一个桶,桶名称为velero 就可以了

velero install     --use-restic     --provider aws     --plugins velero/velero-plugin-for-aws:v1.5.0     --bucket velero     --secret-file /root/credentials-velero     --use-volume-snapshots=false     --backup-location-config region=minio,s3ForcePathStyle="true",s3Url=http://192.168.123.11:39111     --dry-run -o yaml > velero.yaml

部署清单文件的内容(内容非常长):

apiVersion: v1
items:
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: backups.velero.iospec:group: velero.ionames:kind: BackuplistKind: BackupListplural: backupssingular: backupscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: Backup is a Velero resource that represents the capture ofKubernetes cluster state at a point in time (API objects and associatedvolume state).properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: BackupSpec defines the specification for a Velero backup.properties:csiSnapshotTimeout:description: CSISnapshotTimeout specifies the time used to waitfor CSI VolumeSnapshot status turns to ReadyToUse during creation,before returning error as timeout. The default value is 10 minute.type: stringdefaultVolumesToRestic:description: DefaultVolumesToRestic specifies whether restic shouldbe used to take a backup of all pod volumes by default.type: booleanexcludedNamespaces:description: ExcludedNamespaces contains a list of namespaces thatare not included in the backup.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource names thatare not included in the backup.items:type: stringnullable: truetype: arrayhooks:description: Hooks represent custom behaviors that should be executedat different phases of the backup.properties:resources:description: Resources are hooks that should be executed whenbacking up individual instances of a resource.items:description: BackupResourceHookSpec defines one or more BackupResourceHooksthat should be executed based on the rules defined for namespaces,resources, and label selector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filters theresources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In,NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the valuesarray must be non-empty. If the operator isExists or DoesNotExist, the values array mustbe empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key fieldis "key", the operator is "In", and the values arraycontains only "value". The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpost:description: PostHooks is a list of BackupResourceHooksto execute after storing the item in the backup. Theseare executed after all "additional items" from itemactions are processed.items:description: BackupResourceHook defines a hook for aresource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command and argumentsto execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximum amountof time Velero should wait for the hook tocomplete before considering the executiona failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arraypre:description: PreHooks is a list of BackupResourceHooksto execute prior to storing the item in the backup.These are executed before any "additional items" fromitem actions are processed.items:description: BackupResourceHook defines a hook for aresource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command and argumentsto execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximum amountof time Velero should wait for the hook tocomplete before considering the executiona failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arrayrequired:- nametype: objectnullable: truetype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the backup.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace names toinclude objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource names to includein the backup. If empty, all resources are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filter withwhen adding individual objects to the backup. If empty or nil,all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selector requirements.The requirements are ANDed.items:description: A label selector requirement is a selector thatcontains values, a key, and an operator that relates thekey and values.properties:key:description: key is the label key that the selector appliesto.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn, Existsand DoesNotExist.type: stringvalues:description: values is an array of string values. If theoperator is In or NotIn, the values array must be non-empty.If the operator is Exists or DoesNotExist, the valuesarray must be empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. A single{key,value} in the matchLabels map is equivalent to an elementof matchExpressions, whose key field is "key", the operatoris "In", and the values array contains only "value". The requirementsare ANDed.type: objecttype: objectmetadata:properties:labels:additionalProperties:type: stringtype: objecttype: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelector tofilter with when adding individual objects to the backup. If multipleprovided they will be joined by the OR operator. LabelSelectoras well as OrLabelSelectors cannot co-exist in backup request,only one of them can be used.items:description: A label selector is a label query over a set of resources.The result of matchLabels and matchExpressions are ANDed. Anempty label selector matches all objects. A null label selectormatches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values. Ifthe operator is In or NotIn, the values array mustbe non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replacedduring a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. Asingle {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is "key",the operator is "In", and the values array contains only"value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arrayorderedResources:additionalProperties:type: stringdescription: OrderedResources specifies the backup order of resourcesof specific Kind. The map key is the Kind name and value is alist of resource names separated by commas. Each resource namehas format "namespace/resourcename".  For cluster resources, simplyuse "resourcename".nullable: truetype: objectsnapshotVolumes:description: SnapshotVolumes specifies whether to take cloud snapshotsof any PV's referenced in the set of objects included in the Backup.nullable: truetype: booleanstorageLocation:description: StorageLocation is a string containing the name ofa BackupStorageLocation where the backup should be stored.type: stringttl:description: TTL is a time.Duration-parseable string describinghow long the Backup should be retained for.type: stringvolumeSnapshotLocations:description: VolumeSnapshotLocations is a list containing namesof VolumeSnapshotLocations associated with this backup.items:type: stringtype: arraytype: objectstatus:description: BackupStatus captures the current status of a Velero backup.properties:completionTimestamp:description: CompletionTimestamp records the time a backup was completed.Completion time is recorded even on failed backups. Completiontime is recorded before uploading the backup object. The server'stime is used for CompletionTimestampsformat: date-timenullable: truetype: stringcsiVolumeSnapshotsAttempted:description: CSIVolumeSnapshotsAttempted is the total number ofattempted CSI VolumeSnapshots for this backup.type: integercsiVolumeSnapshotsCompleted:description: CSIVolumeSnapshotsCompleted is the total number ofsuccessfully completed CSI VolumeSnapshots for this backup.type: integererrors:description: Errors is a count of all error messages that were generatedduring execution of the backup.  The actual errors are in thebackup's log file in object storage.type: integerexpiration:description: Expiration is when this Backup is eligible for garbage-collection.format: date-timenullable: truetype: stringfailureReason:description: FailureReason is an error that caused the entire backupto fail.type: stringformatVersion:description: FormatVersion is the backup format version, includingmajor, minor, and patch version.type: stringphase:description: Phase is the current state of the Backup.enum:- New- FailedValidation- InProgress- Completed- PartiallyFailed- Failed- Deletingtype: stringprogress:description: Progress contains information about the backup's executionprogress. Note that this information is best-effort only -- ifVelero fails to update it during a backup for any reason, it maybe inaccurate/stale.nullable: trueproperties:itemsBackedUp:description: ItemsBackedUp is the number of items that haveactually been written to the backup tarball so far.type: integertotalItems:description: TotalItems is the total number of items to be backedup. This number may change throughout the execution of thebackup due to plugins that return additional related itemsto back up, the velero.io/exclude-from-backup label, and variousother filters that happen as items are processed.type: integertype: objectstartTimestamp:description: StartTimestamp records the time a backup was started.Separate from CreationTimestamp, since that value changes on restores.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable).items:type: stringnullable: truetype: arrayversion:description: 'Version is the backup format major version. Deprecated:Please see FormatVersion'type: integervolumeSnapshotsAttempted:description: VolumeSnapshotsAttempted is the total number of attemptedvolume snapshots for this backup.type: integervolumeSnapshotsCompleted:description: VolumeSnapshotsCompleted is the total number of successfullycompleted volume snapshots for this backup.type: integerwarnings:description: Warnings is a count of all warning messages that weregenerated during execution of the backup. The actual warningsare in the backup's log file in object storage.type: integertype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: backupstoragelocations.velero.iospec:group: velero.ionames:kind: BackupStorageLocationlistKind: BackupStorageLocationListplural: backupstoragelocationsshortNames:- bslsingular: backupstoragelocationscope: Namespacedversions:- additionalPrinterColumns:- description: Backup Storage Location status such as Available/UnavailablejsonPath: .status.phasename: Phasetype: string- description: LastValidationTime is the last time the backup store locationwas validatedjsonPath: .status.lastValidationTimename: Last Validatedtype: date- jsonPath: .metadata.creationTimestampname: Agetype: date- description: Default backup storage locationjsonPath: .spec.defaultname: Defaulttype: booleanname: v1schema:openAPIV3Schema:description: BackupStorageLocation is a location where Velero stores backupobjectsproperties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: BackupStorageLocationSpec defines the desired state ofa Velero BackupStorageLocationproperties:accessMode:description: AccessMode defines the permissions for the backup storagelocation.enum:- ReadOnly- ReadWritetype: stringbackupSyncPeriod:description: BackupSyncPeriod defines how frequently to sync backupAPI objects from object storage. A value of 0 disables sync.nullable: truetype: stringconfig:additionalProperties:type: stringdescription: Config is for provider-specific configuration fields.type: objectcredential:description: Credential contains the credential information intendedto be used with this locationproperties:key:description: The key of the secret to select from.  Must bea valid secret key.type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields. apiVersion, kind, uid?'type: stringoptional:description: Specify whether the Secret or its key must be definedtype: booleanrequired:- keytype: objectdefault:description: Default indicates this location is the default backupstorage location.type: booleanobjectStorage:description: ObjectStorageLocation specifies the settings necessaryto connect to a provider's object storage.properties:bucket:description: Bucket is the bucket to use for object storage.type: stringcaCert:description: CACert defines a CA bundle to use when verifyingTLS connections to the provider.format: bytetype: stringprefix:description: Prefix is the path inside a bucket to use for Velerostorage. Optional.type: stringrequired:- buckettype: objectprovider:description: Provider is the provider of the backup storage.type: stringvalidationFrequency:description: ValidationFrequency defines how frequently to validatethe corresponding object storage. A value of 0 disables validation.nullable: truetype: stringrequired:- objectStorage- providertype: objectstatus:description: BackupStorageLocationStatus defines the observed stateof BackupStorageLocationproperties:accessMode:description: "AccessMode is an unused field. \n Deprecated: thereis now an AccessMode field on the Spec and this field will beremoved entirely as of v2.0."enum:- ReadOnly- ReadWritetype: stringlastSyncedRevision:description: "LastSyncedRevision is the value of the `metadata/revision`file in the backup storage location the last time the BSL's contentswere synced into the cluster. \n Deprecated: this field is nolonger updated or used for detecting changes to the location'scontents and will be removed entirely in v2.0."type: stringlastSyncedTime:description: LastSyncedTime is the last time the contents of thelocation were synced into the cluster.format: date-timenullable: truetype: stringlastValidationTime:description: LastValidationTime is the last time the backup storelocation was validated the cluster.format: date-timenullable: truetype: stringmessage:description: Message is a message about the backup storage location'sstatus.type: stringphase:description: Phase is the current state of the BackupStorageLocation.enum:- Available- Unavailabletype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: deletebackuprequests.velero.iospec:group: velero.ionames:kind: DeleteBackupRequestlistKind: DeleteBackupRequestListplural: deletebackuprequestssingular: deletebackuprequestscope: Namespacedversions:- additionalPrinterColumns:- description: The name of the backup to be deletedjsonPath: .spec.backupNamename: BackupNametype: string- description: The status of the deletion requestjsonPath: .status.phasename: Statustype: stringname: v1schema:openAPIV3Schema:description: DeleteBackupRequest is a request to delete one or more backups.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: DeleteBackupRequestSpec is the specification for whichbackups to delete.properties:backupName:type: stringrequired:- backupNametype: objectstatus:description: DeleteBackupRequestStatus is the current status of a DeleteBackupRequest.properties:errors:description: Errors contains any errors that were encountered duringthe deletion process.items:type: stringnullable: truetype: arrayphase:description: Phase is the current state of the DeleteBackupRequest.enum:- New- InProgress- Processedtype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: downloadrequests.velero.iospec:group: velero.ionames:kind: DownloadRequestlistKind: DownloadRequestListplural: downloadrequestssingular: downloadrequestscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: DownloadRequest is a request to download an artifact from backupobject storage, such as a backup log file.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: DownloadRequestSpec is the specification for a downloadrequest.properties:target:description: Target is what to download (e.g. logs for a backup).properties:kind:description: Kind is the type of file to download.enum:- BackupLog- BackupContents- BackupVolumeSnapshots- BackupItemSnapshots- BackupResourceList- RestoreLog- RestoreResults- CSIBackupVolumeSnapshots- CSIBackupVolumeSnapshotContentstype: stringname:description: Name is the name of the kubernetes resource withwhich the file is associated.type: stringrequired:- kind- nametype: objectrequired:- targettype: objectstatus:description: DownloadRequestStatus is the current status of a DownloadRequest.properties:downloadURL:description: DownloadURL contains the pre-signed URL for the targetfile.type: stringexpiration:description: Expiration is when this DownloadRequest expires andcan be deleted by the system.format: date-timenullable: truetype: stringphase:description: Phase is the current state of the DownloadRequest.enum:- New- Processedtype: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: podvolumebackups.velero.iospec:group: velero.ionames:kind: PodVolumeBackuplistKind: PodVolumeBackupListplural: podvolumebackupssingular: podvolumebackupscope: Namespacedversions:- additionalPrinterColumns:- description: Pod Volume Backup status such as New/InProgressjsonPath: .status.phasename: Statustype: string- description: Time when this backup was startedjsonPath: .status.startTimestampname: Createdtype: date- description: Namespace of the pod containing the volume to be backed upjsonPath: .spec.pod.namespacename: Namespacetype: string- description: Name of the pod containing the volume to be backed upjsonPath: .spec.pod.namename: Podtype: string- description: Name of the volume to be backed upjsonPath: .spec.volumename: Volumetype: string- description: Restic repository identifier for this backupjsonPath: .spec.repoIdentifiername: Restic Repotype: string- description: Name of the Backup Storage Location where this backup shouldbe storedjsonPath: .spec.backupStorageLocationname: Storage Locationtype: string- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: PodVolumeBackupSpec is the specification for a PodVolumeBackup.properties:backupStorageLocation:description: BackupStorageLocation is the name of the backup storagelocation where the restic repository is stored.type: stringnode:description: Node is the name of the node that the Pod is runningon.type: stringpod:description: Pod is a reference to the pod containing the volumeto be backed up.properties:apiVersion:description: API version of the referent.type: stringfieldPath:description: 'If referring to a piece of an object instead ofan entire object, this string should contain a valid JSON/Gofield access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container withina pod, this would take on a value like: "spec.containers{name}"(where "name" refers to the name of the container that triggeredthe event) or if no container name is specified "spec.containers[2]"(container with index 2 in this pod). This syntax is chosenonly to have some well-defined way of referencing a part ofan object. TODO: this design is not final and this field issubject to change in the future.'type: stringkind:description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'type: stringnamespace:description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'type: stringresourceVersion:description: 'Specific resourceVersion to which this referenceis made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'type: stringuid:description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'type: stringtype: objectrepoIdentifier:description: RepoIdentifier is the restic repository identifier.type: stringtags:additionalProperties:type: stringdescription: Tags are a map of key-value pairs that should be appliedto the volume backup as tags.type: objectvolume:description: Volume is the name of the volume within the Pod tobe backed up.type: stringrequired:- backupStorageLocation- node- pod- repoIdentifier- volumetype: objectstatus:description: PodVolumeBackupStatus is the current status of a PodVolumeBackup.properties:completionTimestamp:description: CompletionTimestamp records the time a backup was completed.Completion time is recorded even on failed backups. Completiontime is recorded before uploading the backup object. The server'stime is used for CompletionTimestampsformat: date-timenullable: truetype: stringmessage:description: Message is a message about the pod volume backup'sstatus.type: stringpath:description: Path is the full path within the controller pod beingbacked up.type: stringphase:description: Phase is the current state of the PodVolumeBackup.enum:- New- InProgress- Completed- Failedtype: stringprogress:description: Progress holds the total number of bytes of the volumeand the current number of backed up bytes. This can be used todisplay progress information about the backup operation.properties:bytesDone:format: int64type: integertotalBytes:format: int64type: integertype: objectsnapshotID:description: SnapshotID is the identifier for the snapshot of thepod volume.type: stringstartTimestamp:description: StartTimestamp records the time a backup was started.Separate from CreationTimestamp, since that value changes on restores.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: podvolumerestores.velero.iospec:group: velero.ionames:kind: PodVolumeRestorelistKind: PodVolumeRestoreListplural: podvolumerestoressingular: podvolumerestorescope: Namespacedversions:- additionalPrinterColumns:- description: Namespace of the pod containing the volume to be restoredjsonPath: .spec.pod.namespacename: Namespacetype: string- description: Name of the pod containing the volume to be restoredjsonPath: .spec.pod.namename: Podtype: string- description: Name of the volume to be restoredjsonPath: .spec.volumename: Volumetype: string- description: Pod Volume Restore status such as New/InProgressjsonPath: .status.phasename: Statustype: string- description: Pod Volume Restore status such as New/InProgressformat: int64jsonPath: .status.progress.totalBytesname: TotalBytestype: integer- description: Pod Volume Restore status such as New/InProgressformat: int64jsonPath: .status.progress.bytesDonename: BytesDonetype: integer- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: PodVolumeRestoreSpec is the specification for a PodVolumeRestore.properties:backupStorageLocation:description: BackupStorageLocation is the name of the backup storagelocation where the restic repository is stored.type: stringpod:description: Pod is a reference to the pod containing the volumeto be restored.properties:apiVersion:description: API version of the referent.type: stringfieldPath:description: 'If referring to a piece of an object instead ofan entire object, this string should contain a valid JSON/Gofield access statement, such as desiredState.manifest.containers[2].For example, if the object reference is to a container withina pod, this would take on a value like: "spec.containers{name}"(where "name" refers to the name of the container that triggeredthe event) or if no container name is specified "spec.containers[2]"(container with index 2 in this pod). This syntax is chosenonly to have some well-defined way of referencing a part ofan object. TODO: this design is not final and this field issubject to change in the future.'type: stringkind:description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringname:description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'type: stringnamespace:description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'type: stringresourceVersion:description: 'Specific resourceVersion to which this referenceis made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'type: stringuid:description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'type: stringtype: objectrepoIdentifier:description: RepoIdentifier is the restic repository identifier.type: stringsnapshotID:description: SnapshotID is the ID of the volume snapshot to be restored.type: stringvolume:description: Volume is the name of the volume within the Pod tobe restored.type: stringrequired:- backupStorageLocation- pod- repoIdentifier- snapshotID- volumetype: objectstatus:description: PodVolumeRestoreStatus is the current status of a PodVolumeRestore.properties:completionTimestamp:description: CompletionTimestamp records the time a restore wascompleted. Completion time is recorded even on failed restores.The server's time is used for CompletionTimestampsformat: date-timenullable: truetype: stringmessage:description: Message is a message about the pod volume restore'sstatus.type: stringphase:description: Phase is the current state of the PodVolumeRestore.enum:- New- InProgress- Completed- Failedtype: stringprogress:description: Progress holds the total number of bytes of the snapshotand the current number of restored bytes. This can be used todisplay progress information about the restore operation.properties:bytesDone:format: int64type: integertotalBytes:format: int64type: integertype: objectstartTimestamp:description: StartTimestamp records the time a restore was started.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: resticrepositories.velero.iospec:group: velero.ionames:kind: ResticRepositorylistKind: ResticRepositoryListplural: resticrepositoriessingular: resticrepositoryscope: Namespacedversions:- additionalPrinterColumns:- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ResticRepositorySpec is the specification for a ResticRepository.properties:backupStorageLocation:description: BackupStorageLocation is the name of the BackupStorageLocationthat should contain this repository.type: stringmaintenanceFrequency:description: MaintenanceFrequency is how often maintenance shouldbe run.type: stringresticIdentifier:description: ResticIdentifier is the full restic-compatible stringfor identifying this repository.type: stringvolumeNamespace:description: VolumeNamespace is the namespace this restic repositorycontains pod volume backups for.type: stringrequired:- backupStorageLocation- maintenanceFrequency- resticIdentifier- volumeNamespacetype: objectstatus:description: ResticRepositoryStatus is the current status of a ResticRepository.properties:lastMaintenanceTime:description: LastMaintenanceTime is the last time maintenance wasrun.format: date-timenullable: truetype: stringmessage:description: Message is a message about the current status of theResticRepository.type: stringphase:description: Phase is the current state of the ResticRepository.enum:- New- Ready- NotReadytype: stringtype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: restores.velero.iospec:group: velero.ionames:kind: RestorelistKind: RestoreListplural: restoressingular: restorescope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: Restore is a Velero resource that represents the applicationof resources from a Velero backup to a target Kubernetes cluster.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: RestoreSpec defines the specification for a Velero restore.properties:backupName:description: BackupName is the unique name of the Velero backupto restore from.type: stringexcludedNamespaces:description: ExcludedNamespaces contains a list of namespaces thatare not included in the restore.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource names thatare not included in the restore.items:type: stringnullable: truetype: arrayexistingResourcePolicy:description: ExistingResourcePolicy specifies the restore behaviourfor the kubernetes resource to be restorednullable: truetype: stringhooks:description: Hooks represent custom behaviors that should be executedduring or post restore.properties:resources:items:description: RestoreResourceHookSpec defines one or more RestoreResrouceHooksthat should be executed based on the rules defined for namespaces,resources, and label selector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filters theresources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In,NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the valuesarray must be non-empty. If the operator isExists or DoesNotExist, the values array mustbe empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key fieldis "key", the operator is "In", and the values arraycontains only "value". The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpostHooks:description: PostHooks is a list of RestoreResourceHooksto execute during and after restoring a resource.items:description: RestoreResourceHook defines a restore hookfor a resource.properties:exec:description: Exec defines an exec restore hook.properties:command:description: Command is the command and argumentsto execute from within a container after apod has been restored.items:type: stringminItems: 1type: arraycontainer:description: Container is the container in thepod where the command should be executed.If not specified, the pod's first containeris used.type: stringexecTimeout:description: ExecTimeout defines the maximumamount of time Velero should wait for thehook to complete before considering the executiona failure.type: stringonError:description: OnError specifies how Velero shouldbehave if it encounters an error executingthis hook.enum:- Continue- Failtype: stringwaitTimeout:description: WaitTimeout defines the maximumamount of time Velero should wait for thecontainer to be Ready before attempting torun the command.type: stringrequired:- commandtype: objectinit:description: Init defines an init restore hook.properties:initContainers:description: InitContainers is list of initcontainers to be added to a pod during itsrestore.items:description: A single application containerthat you want to run within a pod.properties:args:description: 'Arguments to the entrypoint.The container image''s CMD is used ifthis is not provided. Variable references$(VAR_NAME) are expanded using the container''senvironment. If a variable cannot beresolved, the reference in the inputstring will be unchanged. Double $$are reduced to a single $, which allowsfor escaping the $(VAR_NAME) syntax:i.e. "$$(VAR_NAME)" will produce thestring literal "$(VAR_NAME)". Escapedreferences will never be expanded, regardlessof whether the variable exists or not.Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'items:type: stringtype: arraycommand:description: 'Entrypoint array. Not executedwithin a shell. The container image''sENTRYPOINT is used if this is not provided.Variable references $(VAR_NAME) areexpanded using the container''s environment.If a variable cannot be resolved, thereference in the input string will beunchanged. Double $$ are reduced toa single $, which allows for escapingthe $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"will produce the string literal "$(VAR_NAME)".Escaped references will never be expanded,regardless of whether the variable existsor not. Cannot be updated. More info:https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'items:type: stringtype: arrayenv:description: List of environment variablesto set in the container. Cannot be updated.items:description: EnvVar represents an environmentvariable present in a Container.properties:name:description: Name of the environmentvariable. Must be a C_IDENTIFIER.type: stringvalue:description: 'Variable references$(VAR_NAME) are expanded usingthe previously defined environmentvariables in the container andany service environment variables.If a variable cannot be resolved,the reference in the input stringwill be unchanged. Double $$ arereduced to a single $, which allowsfor escaping the $(VAR_NAME) syntax:i.e. "$$(VAR_NAME)" will producethe string literal "$(VAR_NAME)".Escaped references will neverbe expanded, regardless of whetherthe variable exists or not. Defaultsto "".'type: stringvalueFrom:description: Source for the environmentvariable's value. Cannot be usedif value is not empty.properties:configMapKeyRef:description: Selects a key ofa ConfigMap.properties:key:description: The key toselect.type: stringname:description: 'Name of thereferent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other usefulfields. apiVersion, kind,uid?'type: stringoptional:description: Specify whetherthe ConfigMap or its keymust be definedtype: booleanrequired:- keytype: objectfieldRef:description: 'Selects a fieldof the pod: supports metadata.name,metadata.namespace, `metadata.labels[''<KEY>'']`,`metadata.annotations[''<KEY>'']`,spec.nodeName, spec.serviceAccountName,status.hostIP, status.podIP,status.podIPs.'properties:apiVersion:description: Version ofthe schema the FieldPathis written in terms of,defaults to "v1".type: stringfieldPath:description: Path of thefield to select in thespecified API version.type: stringrequired:- fieldPathtype: objectresourceFieldRef:description: 'Selects a resourceof the container: only resourceslimits and requests (limits.cpu,limits.memory, limits.ephemeral-storage,requests.cpu, requests.memoryand requests.ephemeral-storage)are currently supported.'properties:containerName:description: 'Containername: required for volumes,optional for env vars'type: stringdivisor:anyOf:- type: integer- type: stringdescription: Specifies theoutput format of the exposedresources, defaults to"1"pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: trueresource:description: 'Required:resource to select'type: stringrequired:- resourcetype: objectsecretKeyRef:description: Selects a key ofa secret in the pod's namespaceproperties:key:description: The key ofthe secret to select from.  Mustbe a valid secret key.type: stringname:description: 'Name of thereferent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other usefulfields. apiVersion, kind,uid?'type: stringoptional:description: Specify whetherthe Secret or its keymust be definedtype: booleanrequired:- keytype: objecttype: objectrequired:- nametype: objecttype: arrayenvFrom:description: List of sources to populateenvironment variables in the container.The keys defined within a source mustbe a C_IDENTIFIER. All invalid keyswill be reported as an event when thecontainer is starting. When a key existsin multiple sources, the value associatedwith the last source will take precedence.Values defined by an Env with a duplicatekey will take precedence. Cannot beupdated.items:description: EnvFromSource representsthe source of a set of ConfigMapsproperties:configMapRef:description: The ConfigMap to selectfromproperties:name:description: 'Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields.apiVersion, kind, uid?'type: stringoptional:description: Specify whetherthe ConfigMap must be definedtype: booleantype: objectprefix:description: An optional identifierto prepend to each key in theConfigMap. Must be a C_IDENTIFIER.type: stringsecretRef:description: The Secret to selectfromproperties:name:description: 'Name of the referent.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namesTODO: Add other useful fields.apiVersion, kind, uid?'type: stringoptional:description: Specify whetherthe Secret must be definedtype: booleantype: objecttype: objecttype: arrayimage:description: 'Container image name. Moreinfo: https://kubernetes.io/docs/concepts/containers/imagesThis field is optional to allow higherlevel config management to default oroverride container images in workloadcontrollers like Deployments and StatefulSets.'type: stringimagePullPolicy:description: 'Image pull policy. One ofAlways, Never, IfNotPresent. Defaultsto Always if :latest tag is specified,or IfNotPresent otherwise. Cannot beupdated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'type: stringlifecycle:description: Actions that the managementsystem should take in response to containerlifecycle events. Cannot be updated.properties:postStart:description: 'PostStart is calledimmediately after a container iscreated. If the handler fails, thecontainer is terminated and restartedaccording to its restart policy.Other management of the containerblocks until the hook completes.More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'properties:exec:description: Exec specifies theaction to take.properties:command:description: Command is thecommand line to executeinside the container, theworking directory for thecommand  is root ('/') inthe container's filesystem.The command is simply exec'd,it is not run inside a shell,so traditional shell instructions('|', etc) won't work. Touse a shell, you need toexplicitly call out to thatshell. Exit status of 0is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objecthttpGet:description: HTTPGet specifiesthe http request to perform.properties:host:description: Host name toconnect to, defaults tothe pod IP. You probablywant to set "Host" in httpHeadersinstead.type: stringhttpHeaders:description: Custom headersto set in the request. HTTPallows repeated headers.items:description: HTTPHeaderdescribes a custom headerto be used in HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to accesson the HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or numberof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to usefor connecting to the host.Defaults to HTTP.type: stringrequired:- porttype: objecttcpSocket:description: Deprecated. TCPSocketis NOT supported as a LifecycleHandlerand kept for the backward compatibility.There are no validation of thisfield and lifecycle hooks willfail in runtime when tcp handleris specified.properties:host:description: 'Optional: Hostname to connect to, defaultsto the pod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or nameof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objecttype: objectpreStop:description: 'PreStop is called immediatelybefore a container is terminateddue to an API request or managementevent such as liveness/startup probefailure, preemption, resource contention,etc. The handler is not called ifthe container crashes or exits.The Pod''s termination grace periodcountdown begins before the PreStophook is executed. Regardless ofthe outcome of the handler, thecontainer will eventually terminatewithin the Pod''s termination graceperiod (unless delayed by finalizers).Other management of the containerblocks until the hook completesor until the termination grace periodis reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'properties:exec:description: Exec specifies theaction to take.properties:command:description: Command is thecommand line to executeinside the container, theworking directory for thecommand  is root ('/') inthe container's filesystem.The command is simply exec'd,it is not run inside a shell,so traditional shell instructions('|', etc) won't work. Touse a shell, you need toexplicitly call out to thatshell. Exit status of 0is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objecthttpGet:description: HTTPGet specifiesthe http request to perform.properties:host:description: Host name toconnect to, defaults tothe pod IP. You probablywant to set "Host" in httpHeadersinstead.type: stringhttpHeaders:description: Custom headersto set in the request. HTTPallows repeated headers.items:description: HTTPHeaderdescribes a custom headerto be used in HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to accesson the HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or numberof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to usefor connecting to the host.Defaults to HTTP.type: stringrequired:- porttype: objecttcpSocket:description: Deprecated. TCPSocketis NOT supported as a LifecycleHandlerand kept for the backward compatibility.There are no validation of thisfield and lifecycle hooks willfail in runtime when tcp handleris specified.properties:host:description: 'Optional: Hostname to connect to, defaultsto the pod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or nameof the port to access onthe container. Number mustbe in the range 1 to 65535.Name must be an IANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objecttype: objecttype: objectlivenessProbe:description: 'Periodic probe of containerliveness. Container will be restartedif the probe fails. Cannot be updated.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand  is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectname:description: Name of the container specifiedas a DNS_LABEL. Each container in apod must have a unique name (DNS_LABEL).Cannot be updated.type: stringports:description: List of ports to expose fromthe container. Exposing a port heregives the system additional informationabout the network connections a containeruses, but is primarily informational.Not specifying a port here DOES NOTprevent that port from being exposed.Any port which is listening on the default"0.0.0.0" address inside a containerwill be accessible from the network.Cannot be updated.items:description: ContainerPort representsa network port in a single container.properties:containerPort:description: Number of port to exposeon the pod's IP address. Thismust be a valid port number, 0< x < 65536.format: int32type: integerhostIP:description: What host IP to bindthe external port to.type: stringhostPort:description: Number of port to exposeon the host. If specified, thismust be a valid port number, 0< x < 65536. If HostNetwork isspecified, this must match ContainerPort.Most containers do not need this.format: int32type: integername:description: If specified, thismust be an IANA_SVC_NAME and uniquewithin the pod. Each named portin a pod must have a unique name.Name for the port that can bereferred to by services.type: stringprotocol:default: TCPdescription: Protocol for port.Must be UDP, TCP, or SCTP. Defaultsto "TCP".type: stringrequired:- containerPort- protocoltype: objecttype: arrayx-kubernetes-list-map-keys:- containerPort- protocolx-kubernetes-list-type: mapreadinessProbe:description: 'Periodic probe of containerservice readiness. Container will beremoved from service endpoints if theprobe fails. Cannot be updated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand  is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectresources:description: 'Compute Resources requiredby this container. Cannot be updated.More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'properties:limits:additionalProperties:anyOf:- type: integer- type: stringpattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: truedescription: 'Limits describes themaximum amount of compute resourcesallowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'type: objectrequests:additionalProperties:anyOf:- type: integer- type: stringpattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$x-kubernetes-int-or-string: truedescription: 'Requests describes theminimum amount of compute resourcesrequired. If Requests is omittedfor a container, it defaults toLimits if that is explicitly specified,otherwise to an implementation-definedvalue. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'type: objecttype: objectsecurityContext:description: 'SecurityContext definesthe security options the container shouldbe run with. If set, the fields of SecurityContextoverride the equivalent fields of PodSecurityContext.More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'properties:allowPrivilegeEscalation:description: 'AllowPrivilegeEscalationcontrols whether a process can gainmore privileges than its parentprocess. This bool directly controlsif the no_new_privs flag will beset on the container process. AllowPrivilegeEscalationis true always when the containeris: 1) run as Privileged 2) hasCAP_SYS_ADMIN Note that this fieldcannot be set when spec.os.nameis windows.'type: booleancapabilities:description: The capabilities to add/dropwhen running containers. Defaultsto the default set of capabilitiesgranted by the container runtime.Note that this field cannot be setwhen spec.os.name is windows.properties:add:description: Added capabilitiesitems:description: Capability representPOSIX capabilities typetype: stringtype: arraydrop:description: Removed capabilitiesitems:description: Capability representPOSIX capabilities typetype: stringtype: arraytype: objectprivileged:description: Run container in privilegedmode. Processes in privileged containersare essentially equivalent to rooton the host. Defaults to false.Note that this field cannot be setwhen spec.os.name is windows.type: booleanprocMount:description: procMount denotes thetype of proc mount to use for thecontainers. The default is DefaultProcMountwhich uses the container runtimedefaults for readonly paths andmasked paths. This requires theProcMountType feature flag to beenabled. Note that this field cannotbe set when spec.os.name is windows.type: stringreadOnlyRootFilesystem:description: Whether this containerhas a read-only root filesystem.Default is false. Note that thisfield cannot be set when spec.os.nameis windows.type: booleanrunAsGroup:description: The GID to run the entrypointof the container process. Uses runtimedefault if unset. May also be setin PodSecurityContext.  If set inboth SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.format: int64type: integerrunAsNonRoot:description: Indicates that the containermust run as a non-root user. Iftrue, the Kubelet will validatethe image at runtime to ensure thatit does not run as UID 0 (root)and fail to start the containerif it does. If unset or false, nosuch validation will be performed.May also be set in PodSecurityContext.  Ifset in both SecurityContext andPodSecurityContext, the value specifiedin SecurityContext takes precedence.type: booleanrunAsUser:description: The UID to run the entrypointof the container process. Defaultsto user specified in image metadataif unspecified. May also be setin PodSecurityContext.  If set inboth SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.format: int64type: integerseLinuxOptions:description: The SELinux context tobe applied to the container. Ifunspecified, the container runtimewill allocate a random SELinux contextfor each container.  May also beset in PodSecurityContext.  If setin both SecurityContext and PodSecurityContext,the value specified in SecurityContexttakes precedence. Note that thisfield cannot be set when spec.os.nameis windows.properties:level:description: Level is SELinuxlevel label that applies tothe container.type: stringrole:description: Role is a SELinuxrole label that applies to thecontainer.type: stringtype:description: Type is a SELinuxtype label that applies to thecontainer.type: stringuser:description: User is a SELinuxuser label that applies to thecontainer.type: stringtype: objectseccompProfile:description: The seccomp options touse by this container. If seccompoptions are provided at both thepod & container level, the containeroptions override the pod options.Note that this field cannot be setwhen spec.os.name is windows.properties:localhostProfile:description: localhostProfileindicates a profile definedin a file on the node shouldbe used. The profile must bepreconfigured on the node towork. Must be a descending path,relative to the kubelet's configuredseccomp profile location. Mustonly be set if type is "Localhost".type: stringtype:description: "type indicates whichkind of seccomp profile willbe applied. Valid options are:\n Localhost - a profile definedin a file on the node shouldbe used. RuntimeDefault - thecontainer runtime default profileshould be used. Unconfined -no profile should be applied."type: stringrequired:- typetype: objectwindowsOptions:description: The Windows specificsettings applied to all containers.If unspecified, the options fromthe PodSecurityContext will be used.If set in both SecurityContext andPodSecurityContext, the value specifiedin SecurityContext takes precedence.Note that this field cannot be setwhen spec.os.name is linux.properties:gmsaCredentialSpec:description: GMSACredentialSpecis where the GMSA admissionwebhook (https://github.com/kubernetes-sigs/windows-gmsa)inlines the contents of theGMSA credential spec named bythe GMSACredentialSpecName field.type: stringgmsaCredentialSpecName:description: GMSACredentialSpecNameis the name of the GMSA credentialspec to use.type: stringhostProcess:description: HostProcess determinesif a container should be runas a 'Host Process' container.This field is alpha-level andwill only be honored by componentsthat enable the WindowsHostProcessContainersfeature flag. Setting this fieldwithout the feature flag willresult in errors when validatingthe Pod. All of a Pod's containersmust have the same effectiveHostProcess value (it is notallowed to have a mix of HostProcesscontainers and non-HostProcesscontainers).  In addition, ifHostProcess is true then HostNetworkmust also be set to true.type: booleanrunAsUserName:description: The UserName in Windowsto run the entrypoint of thecontainer process. Defaultsto the user specified in imagemetadata if unspecified. Mayalso be set in PodSecurityContext.If set in both SecurityContextand PodSecurityContext, thevalue specified in SecurityContexttakes precedence.type: stringtype: objecttype: objectstartupProbe:description: 'StartupProbe indicates thatthe Pod has successfully initialized.If specified, no other probes are executeduntil this completes successfully. Ifthis probe fails, the Pod will be restarted,just as if the livenessProbe failed.This can be used to provide differentprobe parameters at the beginning ofa Pod''s lifecycle, when it might takea long time to load data or warm a cache,than during steady-state operation.This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'properties:exec:description: Exec specifies the actionto take.properties:command:description: Command is the commandline to execute inside the container,the working directory for thecommand  is root ('/') in thecontainer's filesystem. Thecommand is simply exec'd, itis not run inside a shell, sotraditional shell instructions('|', etc) won't work. To usea shell, you need to explicitlycall out to that shell. Exitstatus of 0 is treated as live/healthyand non-zero is unhealthy.items:type: stringtype: arraytype: objectfailureThreshold:description: Minimum consecutive failuresfor the probe to be considered failedafter having succeeded. Defaultsto 3. Minimum value is 1.format: int32type: integergrpc:description: GRPC specifies an actioninvolving a GRPC port. This is abeta field and requires enablingGRPCContainerProbe feature gate.properties:port:description: Port number of thegRPC service. Number must bein the range 1 to 65535.format: int32type: integerservice:description: "Service is the nameof the service to place in thegRPC HealthCheckRequest (seehttps://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n If this is not specified,the default behavior is definedby gRPC."type: stringrequired:- porttype: objecthttpGet:description: HTTPGet specifies thehttp request to perform.properties:host:description: Host name to connectto, defaults to the pod IP.You probably want to set "Host"in httpHeaders instead.type: stringhttpHeaders:description: Custom headers toset in the request. HTTP allowsrepeated headers.items:description: HTTPHeader describesa custom header to be usedin HTTP probesproperties:name:description: The headerfield nametype: stringvalue:description: The headerfield valuetype: stringrequired:- name- valuetype: objecttype: arraypath:description: Path to access onthe HTTP server.type: stringport:anyOf:- type: integer- type: stringdescription: Name or number ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truescheme:description: Scheme to use forconnecting to the host. Defaultsto HTTP.type: stringrequired:- porttype: objectinitialDelaySeconds:description: 'Number of seconds afterthe container has started beforeliveness probes are initiated. Moreinfo: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integerperiodSeconds:description: How often (in seconds)to perform the probe. Default to10 seconds. Minimum value is 1.format: int32type: integersuccessThreshold:description: Minimum consecutive successesfor the probe to be considered successfulafter having failed. Defaults to1. Must be 1 for liveness and startup.Minimum value is 1.format: int32type: integertcpSocket:description: TCPSocket specifies anaction involving a TCP port.properties:host:description: 'Optional: Host nameto connect to, defaults to thepod IP.'type: stringport:anyOf:- type: integer- type: stringdescription: Number or name ofthe port to access on the container.Number must be in the range1 to 65535. Name must be anIANA_SVC_NAME.x-kubernetes-int-or-string: truerequired:- porttype: objectterminationGracePeriodSeconds:description: Optional duration inseconds the pod needs to terminategracefully upon probe failure. Thegrace period is the duration inseconds after the processes runningin the pod are sent a terminationsignal and the time when the processesare forcibly halted with a killsignal. Set this value longer thanthe expected cleanup time for yourprocess. If this value is nil, thepod's terminationGracePeriodSecondswill be used. Otherwise, this valueoverrides the value provided bythe pod spec. Value must be non-negativeinteger. The value zero indicatesstop immediately via the kill signal(no opportunity to shut down). Thisis a beta field and requires enablingProbeTerminationGracePeriod featuregate. Minimum value is 1. spec.terminationGracePeriodSecondsis used if unset.format: int64type: integertimeoutSeconds:description: 'Number of seconds afterwhich the probe times out. Defaultsto 1 second. Minimum value is 1.More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'format: int32type: integertype: objectstdin:description: Whether this container shouldallocate a buffer for stdin in the containerruntime. If this is not set, reads fromstdin in the container will always resultin EOF. Default is false.type: booleanstdinOnce:description: Whether the container runtimeshould close the stdin channel afterit has been opened by a single attach.When stdin is true the stdin streamwill remain open across multiple attachsessions. If stdinOnce is set to true,stdin is opened on container start,is empty until the first client attachesto stdin, and then remains open andaccepts data until the client disconnects,at which time stdin is closed and remainsclosed until the container is restarted.If this flag is false, a container processesthat reads from stdin will never receivean EOF. Default is falsetype: booleanterminationMessagePath:description: 'Optional: Path at whichthe file to which the container''s terminationmessage will be written is mounted intothe container''s filesystem. Messagewritten is intended to be brief finalstatus, such as an assertion failuremessage. Will be truncated by the nodeif greater than 4096 bytes. The totalmessage length across all containerswill be limited to 12kb. Defaults to/dev/termination-log. Cannot be updated.'type: stringterminationMessagePolicy:description: Indicate how the terminationmessage should be populated. File willuse the contents of terminationMessagePathto populate the container status messageon both success and failure. FallbackToLogsOnErrorwill use the last chunk of containerlog output if the termination messagefile is empty and the container exitedwith an error. The log output is limitedto 2048 bytes or 80 lines, whicheveris smaller. Defaults to File. Cannotbe updated.type: stringtty:description: Whether this container shouldallocate a TTY for itself, also requires'stdin' to be true. Default is false.type: booleanvolumeDevices:description: volumeDevices is the listof block devices to be used by the container.items:description: volumeDevice describesa mapping of a raw block device withina container.properties:devicePath:description: devicePath is the pathinside of the container that thedevice will be mapped to.type: stringname:description: name must match thename of a persistentVolumeClaimin the podtype: stringrequired:- devicePath- nametype: objecttype: arrayvolumeMounts:description: Pod volumes to mount intothe container's filesystem. Cannot beupdated.items:description: VolumeMount describes amounting of a Volume within a container.properties:mountPath:description: Path within the containerat which the volume should bemounted.  Must not contain ':'.type: stringmountPropagation:description: mountPropagation determineshow mounts are propagated fromthe host to container and theother way around. When not set,MountPropagationNone is used.This field is beta in 1.10.type: stringname:description: This must match theName of a Volume.type: stringreadOnly:description: Mounted read-only iftrue, read-write otherwise (falseor unspecified). Defaults to false.type: booleansubPath:description: Path within the volumefrom which the container's volumeshould be mounted. Defaults to"" (volume's root).type: stringsubPathExpr:description: Expanded path withinthe volume from which the container'svolume should be mounted. Behavessimilarly to SubPath but environmentvariable references $(VAR_NAME)are expanded using the container'senvironment. Defaults to "" (volume'sroot). SubPathExpr and SubPathare mutually exclusive.type: stringrequired:- mountPath- nametype: objecttype: arrayworkingDir:description: Container's working directory.If not specified, the container runtime'sdefault will be used, which might beconfigured in the container image. Cannotbe updated.type: stringrequired:- nametype: objecttype: arraytimeout:description: Timeout defines the maximum amountof time Velero should wait for the initContainersto complete.type: stringtype: objecttype: objecttype: arrayrequired:- nametype: objecttype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the restore.If null, defaults to true.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace names toinclude objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource names to includein the restore. If empty, all resources in the backup are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filter withwhen restoring individual objects from the backup. If empty ornil, all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selector requirements.The requirements are ANDed.items:description: A label selector requirement is a selector thatcontains values, a key, and an operator that relates thekey and values.properties:key:description: key is the label key that the selector appliesto.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn, Existsand DoesNotExist.type: stringvalues:description: values is an array of string values. If theoperator is In or NotIn, the values array must be non-empty.If the operator is Exists or DoesNotExist, the valuesarray must be empty. This array is replaced during astrategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. A single{key,value} in the matchLabels map is equivalent to an elementof matchExpressions, whose key field is "key", the operatoris "In", and the values array contains only "value". The requirementsare ANDed.type: objecttype: objectnamespaceMapping:additionalProperties:type: stringdescription: NamespaceMapping is a map of source namespace namesto target namespace names to restore into. Any source namespacesnot included in the map will be restored into namespaces of thesame name.type: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelector tofilter with when restoring individual objects from the backup.If multiple provided they will be joined by the OR operator. LabelSelectoras well as OrLabelSelectors cannot co-exist in restore request,only one of them can be useditems:description: A label selector is a label query over a set of resources.The result of matchLabels and matchExpressions are ANDed. Anempty label selector matches all objects. A null label selectormatches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values. Ifthe operator is In or NotIn, the values array mustbe non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replacedduring a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs. Asingle {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is "key",the operator is "In", and the values array contains only"value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arraypreserveNodePorts:description: PreserveNodePorts specifies whether to restore oldnodePorts from backup.nullable: truetype: booleanrestorePVs:description: RestorePVs specifies whether to restore all includedPVs from snapshot (via the cloudprovider).nullable: truetype: booleanrestoreStatus:description: RestoreStatus specifies which resources we should restorethe status field. If nil, no objects are included. Optional.nullable: trueproperties:excludedResources:description: ExcludedResources specifies the resources to whichwill not restore the status.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resources to whichwill restore the status. If empty, it applies to all resources.items:type: stringnullable: truetype: arraytype: objectscheduleName:description: ScheduleName is the unique name of the Velero scheduleto restore from. If specified, and BackupName is empty, Velerowill restore from the most recent successful backup created fromthis schedule.type: stringrequired:- backupNametype: objectstatus:description: RestoreStatus captures the current status of a Velero restoreproperties:completionTimestamp:description: CompletionTimestamp records the time the restore operationwas completed. Completion time is recorded even on failed restore.The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringerrors:description: Errors is a count of all error messages that were generatedduring execution of the restore. The actual errors are storedin object storage.type: integerfailureReason:description: FailureReason is an error that caused the entire restoreto fail.type: stringphase:description: Phase is the current state of the Restoreenum:- New- FailedValidation- InProgress- Completed- PartiallyFailed- Failedtype: stringprogress:description: Progress contains information about the restore's executionprogress. Note that this information is best-effort only -- ifVelero fails to update it during a restore for any reason, itmay be inaccurate/stale.nullable: trueproperties:itemsRestored:description: ItemsRestored is the number of items that haveactually been restored so fartype: integertotalItems:description: TotalItems is the total number of items to be restored.This number may change throughout the execution of the restoredue to plugins that return additional related items to restoretype: integertype: objectstartTimestamp:description: StartTimestamp records the time the restore operationwas started. The server's time is used for StartTimestampsformat: date-timenullable: truetype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable)items:type: stringnullable: truetype: arraywarnings:description: Warnings is a count of all warning messages that weregenerated during execution of the restore. The actual warningsare stored in object storage.type: integertype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: schedules.velero.iospec:group: velero.ionames:kind: SchedulelistKind: ScheduleListplural: schedulessingular: schedulescope: Namespacedversions:- additionalPrinterColumns:- description: Status of the schedulejsonPath: .status.phasename: Statustype: string- description: A Cron expression defining when to run the BackupjsonPath: .spec.schedulename: Scheduletype: string- description: The last time a Backup was run for this schedulejsonPath: .status.lastBackupname: LastBackuptype: date- jsonPath: .metadata.creationTimestampname: Agetype: datename: v1schema:openAPIV3Schema:description: Schedule is a Velero resource that represents a pre-scheduledor periodic Backup that should be run.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ScheduleSpec defines the specification for a Velero scheduleproperties:schedule:description: Schedule is a Cron expression defining when to runthe Backup.type: stringtemplate:description: Template is the definition of the Backup to be runon the provided scheduleproperties:csiSnapshotTimeout:description: CSISnapshotTimeout specifies the time used to waitfor CSI VolumeSnapshot status turns to ReadyToUse during creation,before returning error as timeout. The default value is 10minute.type: stringdefaultVolumesToRestic:description: DefaultVolumesToRestic specifies whether resticshould be used to take a backup of all pod volumes by default.type: booleanexcludedNamespaces:description: ExcludedNamespaces contains a list of namespacesthat are not included in the backup.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources is a slice of resource namesthat are not included in the backup.items:type: stringnullable: truetype: arrayhooks:description: Hooks represent custom behaviors that should beexecuted at different phases of the backup.properties:resources:description: Resources are hooks that should be executedwhen backing up individual instances of a resource.items:description: BackupResourceHookSpec defines one or moreBackupResourceHooks that should be executed based onthe rules defined for namespaces, resources, and labelselector.properties:excludedNamespaces:description: ExcludedNamespaces specifies the namespacesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayexcludedResources:description: ExcludedResources specifies the resourcesto which this hook spec does not apply.items:type: stringnullable: truetype: arrayincludedNamespaces:description: IncludedNamespaces specifies the namespacesto which this hook spec applies. If empty, it appliesto all namespaces.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources specifies the resourcesto which this hook spec applies. If empty, it appliesto all resources.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector, if specified, filtersthe resources to which this hook spec applies.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of labelselector requirements. The requirements areANDed.items:description: A label selector requirement isa selector that contains values, a key, andan operator that relates the key and values.properties:key:description: key is the label key that theselector applies to.type: stringoperator:description: operator represents a key'srelationship to a set of values. Validoperators are In, NotIn, Exists and DoesNotExist.type: stringvalues:description: values is an array of stringvalues. If the operator is In or NotIn,the values array must be non-empty. Ifthe operator is Exists or DoesNotExist,the values array must be empty. This arrayis replaced during a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value}pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions,whose key field is "key", the operator is "In",and the values array contains only "value".The requirements are ANDed.type: objecttype: objectname:description: Name is the name of this hook.type: stringpost:description: PostHooks is a list of BackupResourceHooksto execute after storing the item in the backup.These are executed after all "additional items"from item actions are processed.items:description: BackupResourceHook defines a hook fora resource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command andarguments to execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the containerin the pod where the command should beexecuted. If not specified, the pod'sfirst container is used.type: stringonError:description: OnError specifies how Veleroshould behave if it encounters an errorexecuting this hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximumamount of time Velero should wait forthe hook to complete before consideringthe execution a failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arraypre:description: PreHooks is a list of BackupResourceHooksto execute prior to storing the item in the backup.These are executed before any "additional items"from item actions are processed.items:description: BackupResourceHook defines a hook fora resource.properties:exec:description: Exec defines an exec hook.properties:command:description: Command is the command andarguments to execute.items:type: stringminItems: 1type: arraycontainer:description: Container is the containerin the pod where the command should beexecuted. If not specified, the pod'sfirst container is used.type: stringonError:description: OnError specifies how Veleroshould behave if it encounters an errorexecuting this hook.enum:- Continue- Failtype: stringtimeout:description: Timeout defines the maximumamount of time Velero should wait forthe hook to complete before consideringthe execution a failure.type: stringrequired:- commandtype: objectrequired:- exectype: objecttype: arrayrequired:- nametype: objectnullable: truetype: arraytype: objectincludeClusterResources:description: IncludeClusterResources specifies whether cluster-scopedresources should be included for consideration in the backup.nullable: truetype: booleanincludedNamespaces:description: IncludedNamespaces is a slice of namespace namesto include objects from. If empty, all namespaces are included.items:type: stringnullable: truetype: arrayincludedResources:description: IncludedResources is a slice of resource namesto include in the backup. If empty, all resources are included.items:type: stringnullable: truetype: arraylabelSelector:description: LabelSelector is a metav1.LabelSelector to filterwith when adding individual objects to the backup. If emptyor nil, all objects are included. Optional.nullable: trueproperties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator that relatesthe key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the values arraymust be non-empty. If the operator is Exists orDoesNotExist, the values array must be empty. Thisarray is replaced during a strategic merge patch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is"key", the operator is "In", and the values array containsonly "value". The requirements are ANDed.type: objecttype: objectmetadata:properties:labels:additionalProperties:type: stringtype: objecttype: objectorLabelSelectors:description: OrLabelSelectors is list of metav1.LabelSelectorto filter with when adding individual objects to the backup.If multiple provided they will be joined by the OR operator.LabelSelector as well as OrLabelSelectors cannot co-existin backup request, only one of them can be used.items:description: A label selector is a label query over a setof resources. The result of matchLabels and matchExpressionsare ANDed. An empty label selector matches all objects.A null label selector matches no objects.properties:matchExpressions:description: matchExpressions is a list of label selectorrequirements. The requirements are ANDed.items:description: A label selector requirement is a selectorthat contains values, a key, and an operator thatrelates the key and values.properties:key:description: key is the label key that the selectorapplies to.type: stringoperator:description: operator represents a key's relationshipto a set of values. Valid operators are In, NotIn,Exists and DoesNotExist.type: stringvalues:description: values is an array of string values.If the operator is In or NotIn, the values arraymust be non-empty. If the operator is Exists orDoesNotExist, the values array must be empty.This array is replaced during a strategic mergepatch.items:type: stringtype: arrayrequired:- key- operatortype: objecttype: arraymatchLabels:additionalProperties:type: stringdescription: matchLabels is a map of {key,value} pairs.A single {key,value} in the matchLabels map is equivalentto an element of matchExpressions, whose key field is"key", the operator is "In", and the values array containsonly "value". The requirements are ANDed.type: objecttype: objectnullable: truetype: arrayorderedResources:additionalProperties:type: stringdescription: OrderedResources specifies the backup order ofresources of specific Kind. The map key is the Kind name andvalue is a list of resource names separated by commas. Eachresource name has format "namespace/resourcename".  For clusterresources, simply use "resourcename".nullable: truetype: objectsnapshotVolumes:description: SnapshotVolumes specifies whether to take cloudsnapshots of any PV's referenced in the set of objects includedin the Backup.nullable: truetype: booleanstorageLocation:description: StorageLocation is a string containing the nameof a BackupStorageLocation where the backup should be stored.type: stringttl:description: TTL is a time.Duration-parseable string describinghow long the Backup should be retained for.type: stringvolumeSnapshotLocations:description: VolumeSnapshotLocations is a list containing namesof VolumeSnapshotLocations associated with this backup.items:type: stringtype: arraytype: objectuseOwnerReferencesInBackup:description: UseOwnerReferencesBackup specifies whether to use OwnerReferenceson backups created by this Schedule.nullable: truetype: booleanrequired:- schedule- templatetype: objectstatus:description: ScheduleStatus captures the current state of a Velero scheduleproperties:lastBackup:description: LastBackup is the last time a Backup was run for thisSchedule scheduleformat: date-timenullable: truetype: stringphase:description: Phase is the current phase of the Scheduleenum:- New- Enabled- FailedValidationtype: stringvalidationErrors:description: ValidationErrors is a slice of all validation errors(if applicable)items:type: stringtype: arraytype: objecttype: objectserved: truestorage: truesubresources: {}
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: serverstatusrequests.velero.iospec:group: velero.ionames:kind: ServerStatusRequestlistKind: ServerStatusRequestListplural: serverstatusrequestsshortNames:- ssrsingular: serverstatusrequestscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: ServerStatusRequest is a request to access current status informationabout the Velero server.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: ServerStatusRequestSpec is the specification for a ServerStatusRequest.type: objectstatus:description: ServerStatusRequestStatus is the current status of a ServerStatusRequest.properties:phase:description: Phase is the current lifecycle phase of the ServerStatusRequest.enum:- New- Processedtype: stringplugins:description: Plugins list information about the plugins runningon the Velero serveritems:description: PluginInfo contains attributes of a Velero pluginproperties:kind:type: stringname:type: stringrequired:- kind- nametype: objectnullable: truetype: arrayprocessedTimestamp:description: ProcessedTimestamp is when the ServerStatusRequestwas processed by the ServerStatusRequestController.format: date-timenullable: truetype: stringserverVersion:description: ServerVersion is the Velero server version.type: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: apiextensions.k8s.io/v1kind: CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version: v0.7.0creationTimestamp: nulllabels:component: veleroname: volumesnapshotlocations.velero.iospec:group: velero.ionames:kind: VolumeSnapshotLocationlistKind: VolumeSnapshotLocationListplural: volumesnapshotlocationssingular: volumesnapshotlocationscope: Namespacedversions:- name: v1schema:openAPIV3Schema:description: VolumeSnapshotLocation is a location where Velero stores volumesnapshots.properties:apiVersion:description: 'APIVersion defines the versioned schema of this representationof an object. Servers should convert recognized schemas to the latestinternal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'type: stringkind:description: 'Kind is a string value representing the REST resourcethis object represents. Servers may infer this from the endpoint theclient submits requests to. Cannot be updated. In CamelCase. Moreinfo: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'type: stringmetadata:type: objectspec:description: VolumeSnapshotLocationSpec defines the specification fora Velero VolumeSnapshotLocation.properties:config:additionalProperties:type: stringdescription: Config is for provider-specific configuration fields.type: objectprovider:description: Provider is the provider of the volume storage.type: stringrequired:- providertype: objectstatus:description: VolumeSnapshotLocationStatus describes the current statusof a Velero VolumeSnapshotLocation.properties:phase:description: VolumeSnapshotLocationPhase is the lifecycle phaseof a Velero VolumeSnapshotLocation.enum:- Available- Unavailabletype: stringtype: objecttype: objectserved: truestorage: true
- apiVersion: v1kind: Namespacemetadata:creationTimestamp: nulllabels:component: veleroname: velerospec: {}
- apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata:creationTimestamp: nulllabels:component: veleroname: veleroroleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-adminsubjects:- kind: ServiceAccountname: veleronamespace: velero
- apiVersion: v1kind: ServiceAccountmetadata:creationTimestamp: nulllabels:component: veleroname: veleronamespace: velero
- apiVersion: v1data:cloud: W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkPW1pbmlvYWRtaW4KYXdzX3NlY3JldF9hY2Nlc3Nfa2V5PW1pbmlvYWRtaW4Kkind: Secretmetadata:creationTimestamp: nulllabels:component: veleroname: cloud-credentialsnamespace: velerotype: Opaque
- apiVersion: velero.io/v1kind: BackupStorageLocationmetadata:creationTimestamp: nulllabels:component: veleroname: defaultnamespace: velerospec:config:region: minios3ForcePathStyle: "true"s3Url: http://192.168.123.11:39111default: trueobjectStorage:bucket: veleroprovider: aws
- apiVersion: apps/v1kind: Deploymentmetadata:creationTimestamp: nulllabels:component: veleroname: veleronamespace: velerospec:selector:matchLabels:deploy: velerostrategy: {}template:metadata:annotations:prometheus.io/path: /metricsprometheus.io/port: "8085"prometheus.io/scrape: "true"creationTimestamp: nulllabels:component: velerodeploy: velerospec:containers:- args:- server- --features=command:- /veleroenv:- name: VELERO_SCRATCH_DIRvalue: /scratch- name: VELERO_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: LD_LIBRARY_PATHvalue: /plugins- name: GOOGLE_APPLICATION_CREDENTIALSvalue: /credentials/cloud- name: AWS_SHARED_CREDENTIALS_FILEvalue: /credentials/cloud- name: AZURE_CREDENTIALS_FILEvalue: /credentials/cloud- name: ALIBABA_CLOUD_CREDENTIALS_FILEvalue: /credentials/cloudimage: velero/velero:v1.9.4imagePullPolicy: IfNotPresentname: veleroports:- containerPort: 8085name: metricsresources:limits:cpu: "1"memory: 512Mirequests:cpu: 500mmemory: 128MivolumeMounts:- mountPath: /pluginsname: plugins- mountPath: /scratchname: scratch- mountPath: /credentialsname: cloud-credentialsinitContainers:- image: velero/velero-plugin-for-aws:v1.5.0imagePullPolicy: IfNotPresentname: velero-velero-plugin-for-awsresources: {}volumeMounts:- mountPath: /targetname: pluginsrestartPolicy: AlwaysserviceAccountName: velerovolumes:- emptyDir: {}name: plugins- emptyDir: {}name: scratch- name: cloud-credentialssecret:secretName: cloud-credentials
- apiVersion: apps/v1kind: DaemonSetmetadata:creationTimestamp: nulllabels:component: veleroname: resticnamespace: velerospec:selector:matchLabels:name: restictemplate:metadata:creationTimestamp: nulllabels:component: veleroname: resticspec:containers:- args:- restic- server- --features=command:- /veleroenv:- name: NODE_NAMEvalueFrom:fieldRef:fieldPath: spec.nodeName- name: VELERO_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: VELERO_SCRATCH_DIRvalue: /scratch- name: GOOGLE_APPLICATION_CREDENTIALSvalue: /credentials/cloud- name: AWS_SHARED_CREDENTIALS_FILEvalue: /credentials/cloud- name: AZURE_CREDENTIALS_FILEvalue: /credentials/cloud- name: ALIBABA_CLOUD_CREDENTIALS_FILEvalue: /credentials/cloudimage: velero/velero:v1.9.4imagePullPolicy: IfNotPresentname: resticresources:limits:cpu: "1"memory: 1Girequests:cpu: 500mmemory: 512MivolumeMounts:- mountPath: /host_podsmountPropagation: HostToContainername: host-pods- mountPath: /scratchname: scratch- mountPath: /credentialsname: cloud-credentialssecurityContext:runAsUser: 0serviceAccountName: velerovolumes:- hostPath:path: /var/lib/kubelet/podsname: host-pods- emptyDir: {}name: scratch- name: cloud-credentialssecret:secretName: cloud-credentialsupdateStrategy: {}
kind: List

apply以上的部署清单文件,很快的就可以安装完毕了,查看如下pod,正常运行表示安装完毕:

[root@node4 ~]# k get po -n velero 
NAME                     READY   STATUS    RESTARTS   AGE
restic-2wkqs             1/1     Running   0          5h54m
restic-kw2wl             1/1     Running   0          5h54m
restic-qv6rn             1/1     Running   0          5h54m
restic-ssfrg             1/1     Running   0          5h54m
velero-fbb9469f6-vf4z5   1/1     Running   0          5h54m

四,

kubernetes集群全量资源备份

[root@node4 ~]# v backup create test
Backup request "test" submitted successfully.
Run `velero backup describe test` or `velero backup logs test` for more details.

查看是否备份成功(只有complete是成功的,其它的备份是不可用的):

NAME   STATUS      ERRORS   WARNINGS   CREATED                         EXPIRES   STORAGE LOCATION   SELECTOR
test   Completed   0        0          2023-12-30 20:31:18 +0800 CST   29d       default            <none>

查看备份详情:

详情里说了所有资源都备份,总共备份了487个单位

[root@node4 ~]# v backup describe test
Name:         test
Namespace:    velero
Labels:       velero.io/storage-location=default
Annotations:  velero.io/source-cluster-k8s-gitversion=v1.23.16velero.io/source-cluster-k8s-major-version=1velero.io/source-cluster-k8s-minor-version=23Phase:  CompletedErrors:    0
Warnings:  0Namespaces:Included:  *Excluded:  <none>Resources:Included:        *Excluded:        <none>Cluster-scoped:  autoLabel selector:  <none>Storage Location:  defaultVelero-Native Snapshot PVs:  autoTTL:  720h0m0sHooks:  <none>Backup Format Version:  1.1.0Started:    2023-12-30 20:31:18 +0800 CST
Completed:  2023-12-30 20:31:28 +0800 CSTExpiration:  2024-01-29 20:31:18 +0800 CSTTotal items to be backed up:  487
Items backed up:              487Velero-Native Snapshots: <none included>

从minio下载下来的备份文件,里面都是JSON格式的

 

恢复:

计划恢复的目标是下面的这些

[root@node4 nginx-app]# k get po -n nginx-example 
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-5c844b66c8-7rrz8   1/1     Running   0          81s
nginx-deployment-5c844b66c8-szbg4   1/1     Running   0          81s

 现在先删除nginx-example这个命名空间:

[root@node4 nginx-app]# k delete ns nginx-example 
namespace "nginx-example" deleted

开始恢复:

[root@node4 nginx-app]# v restore create --from-backup=test
Restore request "test-20231230204606" submitted successfully.
Run `velero restore describe test-20231230204606` or `velero restore logs test-20231230204606` for more details.

查看恢复状态:

可以看到,在执行恢复,稍等片刻

[root@node4 nginx-app]# v restore get
NAME                  BACKUP   STATUS       STARTED                         COMPLETED   ERRORS   WARNINGS   CREATED                         SELECTOR
test-20231230204606   test     InProgress   2023-12-30 20:46:06 +0800 CST   <nil>       0        0          2023-12-30 20:46:06 +0800 CST   <none>
[root@node4 nginx-app]# v restore get
NAME                  BACKUP   STATUS      STARTED                         COMPLETED                       ERRORS   WARNINGS   CREATED                         SELECTOR
test-20231230204606   test     Completed   2023-12-30 20:46:06 +0800 CST   2023-12-30 20:46:52 +0800 CST   0        65         2023-12-30 20:46:06 +0800 CST   <none>

查看恢复日志,没有输出表示恢复正常:

[root@node4 nginx-app]# v restore logs test-20231230204606 |grep error

说明:velero的恢复策略是目标资源存在将会跳过,恢复的时候不会检查image版本等等过于细节的地方,也就是说不会覆盖回退,只有删除回退。

查看日志我们应该可以得出这个比较明显的结论:

[root@node4 nginx-app]# v restore logs test-20231230205200 |grep skip
time="2023-12-30T12:52:07Z" level=info msg="Restore of StorageClass, local-storage skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of PersistentVolume, minio skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of PersistentVolumeClaim, data-minio-0 skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-24xhh skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-sj6wz skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, default-token-xzlz5 skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200
time="2023-12-30T12:52:07Z" level=info msg="Restore of Secret, attachdetach-controller-token-fbrwk skipped: it already exists in the cluster and is the same as the backed up version" logSource="pkg/restore/restore.go:1382" restore=velero/test-20231230205200

五,

velero的部分资源备份和恢复:

单独备份指定的namespace

[root@node4 nginx-app]# v backup create test1 --include-namespaces=nginx-example
Backup request "test1" submitted successfully.
Run `velero backup describe test1` or `velero backup logs test1` for more details.

查看备份详情:

[root@node4 nginx-app]# v backup describe test1
Name:         test1
Namespace:    velero
Labels:       velero.io/storage-location=default
Annotations:  velero.io/source-cluster-k8s-gitversion=v1.23.16velero.io/source-cluster-k8s-major-version=1velero.io/source-cluster-k8s-minor-version=23Phase:  CompletedErrors:    0
Warnings:  0Namespaces:Included:  nginx-exampleExcluded:  <none>Resources:Included:        *Excluded:        <none>Cluster-scoped:  autoLabel selector:  <none>Storage Location:  defaultVelero-Native Snapshot PVs:  autoTTL:  720h0m0sHooks:  <none>Backup Format Version:  1.1.0Started:    2023-12-30 21:25:02 +0800 CST
Completed:  2023-12-30 21:25:04 +0800 CSTExpiration:  2024-01-29 21:25:02 +0800 CSTTotal items to be backed up:  23
Items backed up:              23Velero-Native Snapshots: <none included>

使用此备份恢复,并查看恢复情况:

[root@node4 nginx-app]# k delete ns nginx-example 
namespace "nginx-example" deleted
[root@node4 nginx-app]# v restore create --from-backup=test1
Restore request "test1-20231230212744" submitted successfully.
Run `velero restore describe test1-20231230212744` or `velero restore logs test1-20231230212744` for more details.
[root@node4 nginx-app]# k get po -n nginx-example 
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-5c844b66c8-7rrz8   1/1     Running   0          4s
nginx-deployment-5c844b66c8-szbg4   1/1     Running   0          4s

这个备份恢复迁移到其它namespace nginx1:

[root@node4 nginx-app]# v restore create --from-backup=test1 --namespace-mappings nginx-example:nginx1
Restore request "test1-20231230220044" submitted successfully.
Run `velero restore describe test1-20231230220044` or `velero restore logs test1-20231230220044` for more details.
[root@node4 nginx-app]# v restore get
NAME                   BACKUP   STATUS      STARTED                         COMPLETED                       ERRORS   WARNINGS   CREATED                         SELECTOR
test-20231230204606    test     Completed   2023-12-30 20:46:06 +0800 CST   2023-12-30 20:46:52 +0800 CST   0        65         2023-12-30 20:46:06 +0800 CST   <none>
test-20231230205200    test     Completed   2023-12-30 20:52:00 +0800 CST   2023-12-30 20:52:52 +0800 CST   0        65         2023-12-30 20:52:00 +0800 CST   <none>
test-20231230212059    test     Completed   2023-12-30 21:20:59 +0800 CST   2023-12-30 21:21:46 +0800 CST   0        67         2023-12-30 21:20:59 +0800 CST   <none>
test1-20231230212744   test1    Completed   2023-12-30 21:27:44 +0800 CST   2023-12-30 21:27:50 +0800 CST   0        1          2023-12-30 21:27:44 +0800 CST   <none>
test1-20231230220044   test1    Completed   2023-12-30 22:00:44 +0800 CST   2023-12-30 22:00:50 +0800 CST   0        1          2023-12-30 22:00:44 +0800 CST   <none>
[root@node4 nginx-app]# k get po -n nginx1
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-5c844b66c8-7rrz8   1/1     Running   0          22s
nginx-deployment-5c844b66c8-szbg4   1/1     Running   0          22s

当然了,全备的test里也可以抽namespace出来恢复:

[root@node4 nginx-app]# v restore create --from-backup=test --namespace-mappings nginx-example:nginx3
Restore request "test-20231230220230" submitted successfully.
Run `velero restore describe test-20231230220230` or `velero restore logs test-20231230220230` for more details.
[root@node4 nginx-app]# v restore create --from-backup=test --namespace-mappings kube-system:nginx3
Restore request "test-20231230220613" submitted successfully.
Run `velero restore describe test-20231230220613` or `velero restore logs test-20231230220613` for more details.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
No resources found in nginx3 namespace.
[root@node4 nginx-app]# k get po -n nginx3
NAME                                       READY   STATUS              RESTARTS   AGE
calico-kube-controllers-84897d7cdf-crnmk   0/1     ContainerCreating   0          1s
calico-node-2m7hp                          0/1     Init:0/2            0          1s
calico-node-5ztjk                          0/1     Init:0/2            0          1s
calico-node-96dmb                          0/1     Init:0/2            0          1s
calico-node-rqp2p                          0/1     Init:0/2            0          0s
coredns-b7c47bcdc-6vdk2                    0/1     ContainerCreating   0          0s
coredns-b7c47bcdc-db9cp                    0/1     ContainerCreating   0          0s
kube-proxy-649mn                           0/1     Pending             0          0s
kube-proxy-7q7ts                           0/1     ContainerCreating   0          0s
kube-proxy-dmd7v                           0/1     Pending             0          0s


单独的pod备份就不需要使用velero了,直接kubectl get deploy -n namespace -oyaml 就可以了

注意:velero restore 恢复不会覆盖已有的资源,只恢复当前集群中不存在的资源。已有的资源不会回滚到之前的版本,如需要回滚,需在restore之前提前删除现有的资源。
 

–include-resources
备份集群中的所有 deployments:

  velero backup create <backup-name> --include-resources deployments
恢复集群中的所有 deployments 和 configmaps。

  velero restore create <backup-name> --include-resources deployments,configmaps
在 namespace 中备份 deployments。

  velero backup create <backup-name> --include-resources deployments --include-namespaces <namespace>

–selector
包括与 label selector 匹配的资源。

velero backup create <backup-name> --selector <key>=<value>
Excludes
从备份中排除特定资源。

通配符排除将被忽略。

–exclude-namespaces
Exclude kube-system from the cluster backup.

  velero backup create <backup-name> --exclude-namespaces kube-system
还原期间排除两个 namespace。

  velero restore create <backup-name> --exclude-namespaces <namespace1>,<namespace2>
–exclude-resources
从备份中排除 secrets:

  velero backup create <backup-name> --exclude-resources secrets
排除 secrets 和 rolebindings:

  velero backup create <backup-name> --exclude-resources secrets,rolebindings
 




自动计划备份:

这里说明一下,ttl过期时间可以免去一些备份文件的管理工作,当然普通的备份也可以指定这个过期时间

# 每日1点进行备份
velero create schedule <SCHEDULE NAME> --schedule="0 1 * * *"
# 每日1点进行备份,备份保留72小时
velero create schedule <SCHEDULE NAME> --schedule="0 1 * * *" --ttl 72h
# 每5小时进行一次备份
velero create schedule <SCHEDULE NAME> --schedule="@every 5h"
# 每日对 指定 namespace 进行一次备份 (如dev)
velero create schedule <SCHEDULE NAME> --schedule="@every 24h" --include-namespaces dev[root@node4 nginx-app]# v create schedule test --schedule="0 0 * * *" --ttl=72h
Schedule "test" created successfully.
[root@node4 nginx-app]# v schedule get
NAME   STATUS    CREATED                         SCHEDULE    BACKUP TTL   LAST BACKUP   SELECTOR
test   Enabled   2023-12-30 22:29:11 +0800 CST   0 0 * * *   72h0m0s      n/a           <none>

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/586337.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

啊?这也算事务?!

作者简介&#xff1a;大家好&#xff0c;我是smart哥&#xff0c;前中兴通讯、美团架构师&#xff0c;现某互联网公司CTO 联系qq&#xff1a;184480602&#xff0c;加我进群&#xff0c;大家一起学习&#xff0c;一起进步&#xff0c;一起对抗互联网寒冬 学习必须往深处挖&…

uni-app封装表格组件

组件代码&#xff1a; <template><view><uni-table class"tableBox" border stripe emptyText""><!-- 表头行 --><uni-tr class"tableTr"><uni-th :sortable"item.sortable" :class"item.sort…

【人工智能新闻】2023年人工智能热门新闻

欢迎收看我们的特别版时事通讯&#xff0c;重点报道“2023年人工智能热门新闻”今年是人工智能领域的里程碑&#xff0c;展示了重塑技术和我们日常生活的突破性进步和创新。从大型企业投资到革命性的技术发布&#xff0c;2023年的每个月都带来了非凡的成就。 加入我们&#xf…

LLM提示词工程学习_Day01

LLM提示词工程学习_Day01 安装学习环境基础Conda环境安装安装Python安装所需的包Jupyter Notebook 安装获取OpenAI API KEY&#xff0c;并写入工程目录里的.env文件进入Jupyter&#xff0c;先跑一段代码 安装学习环境 基础Conda环境安装 conda环境安装&#xff0c;miniconda也…

AI大模型:无需训练让LLM支持超长输入

显式搜索: 知识库外挂 paper: Unleashing Infinite-Length Input Capacity for Large-scale Language Models with Self-Controlled Memory System 看到最无敌的应用&#xff0c;文本和表格解析超厉害https://chatdoc.com/?viaurlainavpro.com ChatGPT代码实现: GitHub - ar…

【neo4j】desktop下载

【neo4j】desktop下载 https://neo4j.com/download/ 点击download&#xff0c;填写表格 之后就可以正常使用了

智慧园区物联综合管理平台感知对象管理能力简述

物联感知对象管理, 不局限于物理传感设备, 还包括物联业务对象, 平台提供标准的设备建模能力以及标准的物联设备、 第三方物联系统SDK接入方案等; 实现对感知对象运行、 报警、 故障状态的反馈以及物联感知对象全生命周期信息管理。 基础定义配置 平台提供物联网目感知对…

Halcon纹理分析texture_laws/trans_from_rgb

Halcon纹理分析 文章目录 Halcon纹理分析1. 纹理滤波器2. 织物折痕检测 纹理是图像表面的一种灰度变化。有的纹理很规则&#xff0c;会以局部小区域为单元重复出现&#xff0c;而有的纹理则呈现出随机性。对于规则的纹理&#xff0c;可以很容易地从中分辨出重复的区域&#xff…

最新版 BaseRecyclerViewAdapterHelper4:4.1.2 最简单的QuickViewHolder用法,最简洁的代码,复制可用

为了照顾新手&#xff0c;尽量详细&#xff0c;高手勿喷&#xff01;&#xff01;&#xff01; 怕麻烦的话可以直接下载源码&#xff1a;https://download.csdn.net/download/ERP_LXKUN_JAK/88678044?spm1001.2014.3001.5503 先看文件结构&#xff0c;是不是很简单 AndroidSt…

【Pytorch】学习记录分享10——PyTorchTextCNN用于文本分类处理

【Pytorch】学习记录分享10——PyTorchTextCNN用于文本分类处理 1. TextCNN用于文本分类2. 代码实现 1. TextCNN用于文本分类 具体流程&#xff1a; 2. 代码实现 # coding: UTF-8 import torch import torch.nn as nn import torch.nn.functional as F import numpy as np…

【C++】STL 容器 - set 集合容器 ⑦ ( 查找元素 - set#find 函数 | 获取元素个数 - set#count 函数 )

文章目录 一、查找元素 - set#find 函数1、函数原型 简介2、代码示例 - set#find 函数 二、获取元素个数 - set#count 函数1、函数原型 简介2、代码示例 - set#find 函数 一、查找元素 - set#find 函数 1、函数原型 简介 在 C 语言的 STL 标准模板库 , std::set 集合容器 是一个…

数据分析硬核工具Origin各版本安装指南

下载链接 https://pan.baidu.com/s/12mENFtRFdNaLzVKmE6w_Uw?pwd0531 1.鼠标右击【Origin 2022(64bit)】压缩包&#xff08;win11及以上系统需先点击显示更多“选项”&#xff09;选择【解压到 Origin 2022(64bit)】。 2.双击打开解压后的【Origin 2022(64bit)】文件夹。 3.…

Python学习 - 爬虫系统架构设计

主要业务流程 初始请求请求过滤器请求队列响应下载器数据解析器数据清洗器存储器 设计图 master slave&#xff1a;master控制队列&#xff0c;过滤&#xff0c;传递任务&#xff1b;slave负责执行 缺点&#xff1a;master和slave端交互数据频繁&#xff0c;slave的数据进出…

图文证明 牛顿-莱布尼茨公式

牛顿-莱布尼茨公式 牛顿-莱布尼茨公式是微积分中的基本定理之一&#xff0c;它描述了函数的导数和不定积分之间的关系。 该公式通常用来计算定积分。设函数f(x)在区间[a, b]上连续&#xff0c;且F(x)是f(x)在该区间上的一个原函数 即F’(x) f(x)。则牛顿-莱布尼茨公式表示为&…

【AIGC-图片生成视频系列-2】八仙过海,各显神通:AI生成视频相关汇总剖析

最近「图片生成视频系列」层出不穷&#xff0c;我拜读并结合实践&#xff08;对&#xff0c;就是手撕代码&#xff0c;有开源就撕&#xff09;&#xff0c;并对以下几篇文章的相似点以及关键点稍微做个总结&#xff1a; 一. 生成视频中图像的一致性 在图像生成视频的这个过程…

提升CSC加分项|高职教师赴新西兰惠灵顿维多利亚大学访学交流

S老师科研背景条件一般&#xff0c;担心无法获得邀请函及通过CSC审批。我们建议&#xff1a;1.以加强国际合作和跨学科合作的方式&#xff0c;增强高职院校的影响力&#xff0c;为CSC评审提供加分项&#xff1b;2.同时申报4月份的国家公派和5月份的西部/地方合作项目&#xff0…

Java进阶(第八期): Java中递归的的使用和递归解决一些算法问题 Java中的异常机制、异常的处理逻辑 自定义异常

文章目录 一、递归1.1 递归的介绍1.2 递归的简单练习1.3 图解递归执行流程&#xff1a;1.4 使用递归完成悲波那契数列1.5 猴子吃桃子问题 二、异常三 、异常的处理逻辑3.1 try catch 捕获异常3.2 throws抛出异常 四、自定义异常 Java进阶&#xff08;第八期&#xff09; 一、递…

2、gdb常用功能2

1.4、线程 程序避免不了涉及到多线程.常用指令如下. 命令简写形式说明info thread显示当前进程内所有线程信息thread 切换到num线程thread find 寻找regexp在gdb中的idinfo address 结合上述图片理解&#xff0c;第一列的id是gdb内部为线程排序的一个id&#xff0c;第三列中…

行人重识别(ReID)基础知识入门

这里写目录标题 1、ReID技术概述1.1 基本原理1.2 实现流程1.3 重识别存在的技术挑战 2、训练数据格式介绍 1、ReID技术概述 1.1 基本原理 ReID&#xff0c;全称Re-identification&#xff0c;目的是利用各种智能算法在图像数据库中找到与要搜索的目标相似的对象。ReID是图像检…

Eureka服务注册与发现

1. Eureka简介 Eureka采用了CS的设计架构&#xff0c;Eureka Server 作为服务注册功能的服务器&#xff0c;它是服务注册中心。而系统中的其他微服务&#xff0c;使用 Eureka的客户端连接到 Eureka Server并维持心跳连接。这样系统的维护人员就可以通过 Eureka Server 来监控系…