Kubernetes エクステンション
Quarkusは、 dekorate を使用して、妥当なデフォルトとユーザーが提供する設定に基づいて Kubernetes リソースを自動的に生成する機能を提供しています。現在、バニラ Kubernetes、OpenShift、および Knative のリソースの生成をサポートしています。さらに、Quarkusは、生成されたマニフェストをターゲットクラスターの API Server に適用することで、ターゲット Kubernetes クラスターにアプリケーションをデプロイすることができます。最後に、コンテナーイメージエクステンションのいずれかが存在する場合 (詳細は container image guide を参照)、Quarkus では、ターゲットプラットフォームにアプリケーションをデプロイする 前 に、コンテナーイメージを作成してレジストリーにプッシュする機能があります。
前提条件
このガイドを完成させるには、以下が必要です:
-
約15分
-
IDE
-
JDK 17+がインストールされ、
JAVA_HOME
が適切に設定されていること -
Apache Maven 3.9.8
-
使用したい場合は、 Quarkus CLI
-
Kubernetesクラスターへのアクセス(Minikubeは有効な選択肢です)
Kubernetes
Kubernetes エクステンションとJib エクステンションの両方を含む新しいプロジェクトを作成してみましょう。
Windowsユーザーの場合:
-
cmdを使用する場合、(バックスラッシュ
\
を使用せず、すべてを同じ行に書かないでください)。 -
Powershellを使用する場合は、
-D
パラメータを二重引用符で囲んでください。例:"-DprojectArtifactId=kubernetes-quickstart"
これにより、ビルドファイルに以下の依存関係が追加されました。
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-rest</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kubernetes</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-container-image-jib</artifactId>
</dependency>
implementation("io.quarkus:quarkus-rest")
implementation("io.quarkus:quarkus-kubernetes")
implementation("io.quarkus:quarkus-container-image-jib")
これらの依存関係を追加することで、ビルドを実行するたびに Kubernetes マニフェストの生成を可能にし、同時に Jib を使ったコンテナーイメージのビルドを可能にします。たとえば、以下を実行した後、
quarkus build
./mvnw install
./gradlew build
作成された他のファイルの中に kubernetes.json
と kubernetes.yml
という名前の 2 つのファイルが target/kubernetes/
ディレクトリーにあることに気づくでしょう。
どちらのファイルを見ても、Kubernetes Deployment
と Service
両方が含まれていることに気づくでしょう。
kubernetes.json
ファイルの完全なソースは以下の通りです:
{
{
"apiVersion" : "apps/v1",
"kind" : "Deployment",
"metadata" : {
"annotations": {
"app.quarkus.io/vcs-uri" : "<some url>",
"app.quarkus.io/commit-id" : "<some git SHA>",
},
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
},
"name" : "test-quarkus-app"
},
"spec" : {
"replicas" : 1,
"selector" : {
"matchLabels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
}
},
"template" : {
"metadata" : {
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT"
}
},
"spec" : {
"containers" : [ {
"env" : [ {
"name" : "KUBERNETES_NAMESPACE",
"valueFrom" : {
"fieldRef" : {
"fieldPath" : "metadata.namespace"
}
}
} ],
"image" : "yourDockerUsername/test-quarkus-app:1.0.0-SNAPSHOT",
"imagePullPolicy" : "Always",
"name" : "test-quarkus-app"
} ]
}
}
}
},
{
"apiVersion" : "v1",
"kind" : "Service",
"metadata" : {
"annotations": {
"app.quarkus.io/vcs-uri" : "<some url>",
"app.quarkus.io/commit-id" : "<some git SHA>",
},
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
},
"name" : "test-quarkus-app"
},
"spec" : {
"ports" : [ {
"name" : "http",
"port" : 8080,
"targetPort" : 8080
} ],
"selector" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT"
},
"type" : "ClusterIP"
}
}
}
生成されたマニフェストは、 kubectl
を使用してプロジェクトのルートからクラスターに適用することができます。
kubectl apply -f target/kubernetes/kubernetes.json
Deployment
(または StatefulSet
) について注意すべき重要なことは、Pod
のコンテナーイメージとして yourDockerUsername/test-quarkus-app:1.0.0-SNAPSHOT
を使用していることです。イメージの名前は Jib エクステンションによって制御され、通常の application.properties
を利用してカスタマイズすることができます。
例えば、次のような設定の場合:
quarkus.container-image.group=quarkus #optional, default to the system username
quarkus.container-image.name=demo-app #optional, defaults to the application name
quarkus.container-image.tag=1.0 #optional, defaults to the application version
生成されたマニフェストで使用されるイメージは quarkus/demo-app:1.0
となります
冪等性リソースの生成
Kubernetesマニフェストを生成する際、Quarkusは自動的にいくつかのラベルとアノテーションを追加し、生成日やバージョンに関する追加情報を提供します。例えば、以下のようなものです:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
app.quarkus.io/commit-id: 0f8b87788bc446a9347a7961bea8a60889fe1494
app.quarkus.io/build-timestamp: 2023-02-10 - 13:07:51 +0000
labels:
app.kubernetes.io/managed-by: quarkus
app.kubernetes.io/version: 0.0.1-SNAPSHOT
app.kubernetes.io/name: example
name: example
spec:
...
app.quarkus.io/commit-id
, app.quarkus.io/build-timestamp
ラベルと app.kubernetes.io/version
アノテーションは、Kubernetes マニフェストを再ビルドするたびに変わる可能性があり、Git-Ops ツールを使用してこれらのリソースをデプロイしたいときに問題になることがあります(これらのツールは違いを検出し、したがって再デプロイを実行するため)。
生成されるリソースをGit-Opsに対応させ、冪等なリソース(ソースをビルドするたびに変化しないリソース)だけを生成するには、次のプロパティを追加する必要があります:
quarkus.kubernetes.idempotent=true
また、デフォルトでは生成されたリソースが作成されるディレクトリは target/kubernetes
です。これを変更するには次を使用する必要があります:
quarkus.kubernetes.output-directory=target/kubernetes-with-idempotent
なお、プロパティ |
生成されるデプロイメントリソースの変更
Deployment
リソースの他に、 StatefulSet
、 Job
、 CronJob
リソースの代わりに application.properties
を生成することもできます:
quarkus.kubernetes.deployment-kind=StatefulSet
Job リソースの生成
Job リソースを生成する場合は、 application.properties
で以下のプロパティを追加する必要があります。
quarkus.kubernetes.deployment-kind=Job
Picocliエクステンションを使用している場合、デフォルトでJobリソースが生成されます。 |
Kubernetes Jobで使用される引数は、プロパティ quarkus.kubernetes.arguments
で指定できます。例えば、`quarkus.kubernetes.arguments=A,B`というプロパティを追加することで。
最後に、OpenShiftにインストールされる度にKubernetesのJobは毎回起動されます。KubernetesのJobの実行方法については、こちらの リンク で詳しく解説しています。
You can configure the rest of the Kubernetes Job configuration using the properties under quarkus.kubernetes.job.xxx
(see link).
CronJob リソースの生成
CronJob リソースを生成したい場合、 application.properties
で以下のプロパティを追加する必要があります。
quarkus.kubernetes.deployment-kind=CronJob
# Cron expression to run the job every hour
quarkus.kubernetes.cron-job.schedule=0 * * * *
CronJob リソースは、 Cron 式がプロパティ quarkus.openshift.cron-job.schedule を介してジョブを起動するタイミングを指定することを必要とします。提供されない場合、ビルドは失敗します。
|
You can configure the rest of the Kubernetes CronJob configuration using the properties under quarkus.kubernetes.cron-job.xxx
(see link).
名前空間
デフォルトでは、Quarkusは生成されたマニフェストの名前空間を省略し、 default
名前空間を強制しません。つまり、 kubectl
(以下の例では test
)を使用している場合は、選択したネームスペースにマニフェストを適用することができます。
kubectl apply -f target/kubernetes/kubernetes.json -n=test
マニフェストで名前空間を指定するには、 application.properties
の中で次のプロパティによってカスタマイズします。
quarkus.kubernetes.namespace=mynamespace
Docker レジストリーの定義
Docker レジストリーは、以下のプロパティーで指定できます。
quarkus.container-image.registry=my.docker-registry.net
前のセクションで説明したコンテナーイメージプロパティーと一緒にこのプロパティーを追加すると、生成されるマニフェストではイメージ my.docker-registry.net/quarkus/demo-app:1.0
を使用するようになります。次のセクションで明らかになるように、生成されるマニフェストでカスタマイズできるのはイメージだけではありません。
プル・シークレットの自動生成
Dockerレジストリを使用する場合、ユーザーはしばしばクレデンシャルを提供し、ビルド中にイメージがビルドされ、指定されたレジストリにプッシュされます。
quarkus.container-image.username=myusername
quarkus.container-image.password=mypassword
Kubernetesは、レジストリからイメージをプルする際にもこれらのクレデンシャルを必要とします。そこで、イメージプルシークレットが使用されます。イメージプルシークレットは、必要なクレデンシャルを含む特別な種類のシークレットです。Quarkusでは、以下の時、このシークレットを自動的に生成して設定できます:
quarkus.kubernetes.generate-image-pull-secret=true
具体的には以下のような「シークレット」が生成されます:
apiVersion: v1
kind: Secret
metadata:
name: test-quarkus-app-pull-secret
data:
".dockerconfigjson": ewogCSJhdXRocyI6IHsKCQkibXkucmVnaXN0eS5vcmciOiB7CiAJCQkiYXV0aCI6ImJYbDFjMlZ5Ym1GdFpUcHRlWEJoYzNOM2IzSmsiCgkJfQoJfQp9
type: kubernetes.io/dockerconfigjson
また、 test-quarkus-app-pull-secret
が imagePullSecrets
リストに追加されます。
ラベルとアノテーション
ラベル
生成されたマニフェストには、Kubernetes 推奨のラベルが使用されます。これらのラベルは、 quarkus.kubernetes.name
, quarkus.kubernetes.version
および quarkus.kubernetes.part-of
を使用してカスタマイズすることができます。例えば、 application.properties
に以下の設定を追加してください:
quarkus.kubernetes.part-of=todo-app
quarkus.kubernetes.name=todo-rest
quarkus.kubernetes.version=1.0-rc.1
OpenShift のセクションで詳しく説明しているように、OpenShift (または Knative) のプロパティーのカスタマイズは同じ方法で行いますが、
|
生成されたリソースのラベルは次のようになります:
"labels" : {
"app.kubernetes.io/part-of" : "todo-app",
"app.kubernetes.io/name" : "todo-rest",
"app.kubernetes.io/version" : "1.0-rc.1"
}
以下の設定を適用することで、
|
Custom Labels
追加のカスタムラベルを追加するには、例えば foo=bar
を設定する場合、以下の設定を適用するだけです。
quarkus.kubernetes.labels.foo=bar
quarkus-container-image-jib エクステンションモジュールを使用してコンテナイメージを作成する場合、前述のプロパティーを介して追加されたラベルも生成されたコンテナイメージに追加されます。
|
環境変数
Kubernetesでは、環境変数を定義する方法が複数用意されています。
-
キー/値のペア
-
Secret または ConfigMap からすべての値をインポート
-
Secret または ConfigMap の指定されたフィールドで識別される単一の値を補間
-
同じリソース内のフィールドから値を補間
キー/値のペアからの環境変数
生成されたリソースに環境変数としてキーとバリューのペアを追加する場合:
quarkus.kubernetes.env.vars.my-env-var=foobar
上のコマンドは MY_ENV_VAR=foobar
を環境変数として追加します。キー my-env-var
は大文字に変換され、ダッシュはアンダースコアに置き換えられて MY_ENV_VAR
となることに注意してください。
シークレットからの環境変数
Secret
のすべてのキーと値のペアを環境変数として追加するには、以下の設定を適用し、ソースとして使用する各 Secret
をカンマ ( ,
) で区切ってください。
quarkus.kubernetes.env.secrets=my-secret,my-other-secret
とすると、コンテナの定義に以下のようなものが生成されます。
envFrom:
- secretRef:
name: my-secret
optional: false
- secretRef:
name: my-other-secret
optional: false
以下は、 my-secret
Secret から keyName
フィールドで識別される値を foo
環境変数に抽出します。
quarkus.kubernetes.env.mapping.foo.from-secret=my-secret
quarkus.kubernetes.env.mapping.foo.with-key=keyName
これにより、コンテナの env
セクションに以下のようなものが生成されます。
- env:
- name: FOO
valueFrom:
secretKeyRef:
key: keyName
name: my-secret
optional: false
It is also possible to add a prefix when you are generating env from Secret, the following configuration creates environment variable from Secret with key foo
adding a prefix BAR
:
quarkus.kubernetes.env.secrets=foo
quarkus.kubernetes.env.using-prefix."BAR".for-secret=foo
これにより、コンテナの env
セクションに以下のようなものが生成されます。
- env:
envFrom:
- secretRef:
name: foo
prefix: BAR
ConfigMap から環境変数を取得
ConfigMap
からのすべてのキーと値のペアを環境変数として追加するには、以下の設定を適用し、ソースとして使用する各 ConfigMap
をカンマ ( ,
) で区切ってください。
quarkus.kubernetes.env.configmaps=my-config-map,another-config-map
とすると、コンテナの定義に以下のようなものが生成されます。
envFrom:
- configMapRef:
name: my-config-map
optional: false
- configMapRef:
name: another-config-map
optional: false
以下は、 my-config-map
ConfigMap から keyName
フィールドで識別される値を foo
環境変数に抽出したものです。
quarkus.kubernetes.env.mapping.foo.from-configmap=my-configmap
quarkus.kubernetes.env.mapping.foo.with-key=keyName
これにより、コンテナの env
セクションに以下のようなものが生成されます。
- env:
- name: FOO
valueFrom:
configMapKeyRef:
key: keyName
name: my-configmap
optional: false
It is also possible to add a prefix when you are generating env from ConfigMap, the following configuration creates environment variable from ConfigMap with key foo
adding a prefix BAR
:
quarkus.kubernetes.env.configmaps=foo
quarkus.kubernetes.prefixes."BAR".for-configmap=foo
これにより、コンテナの env
セクションに以下のようなものが生成されます。
- env:
envFrom:
- configMapRef:
name: foo
prefix: BAR
フィールドからの環境変数
また、以下のように、ソースとして使用するフィールドのパスを指定することで、別のフィールドの値を使用して新しい環境変数を追加することも可能です。
quarkus.kubernetes.env.fields.foo=metadata.name
OpenShift の項で詳しく説明していますが、OpenShift のプロパティーのカスタマイズも同じ方法で行いますが、
|
バリデーション
例えば、誤って両方の値を代入したり、変数がフィールドから派生したものであることを指定したりするなど、2つの定義の間で競合が発生すると、ビルド時にエラーが発生します。そのため、問題の原因を診断するのが困難なクラスターにアプリケーションをデプロイする前に問題を修正する機会を得ることができます。
同様に、同じシークレットからのインジェクションを2回定義するなど、2つの冗長な定義があっても問題は発生しませんが、その定義を複製することを意図していなかった可能性があることを知らせる警告が実際に報告されます。
下位互換性
Kubernetes エクステンションの以前のバージョンでは、環境変数を追加するための異なる構文をサポートしていました。古い構文はまだサポートされていますが、非推奨ですので、新しい構文に移行することをお勧めします。
旧 |
新 |
||
素の変数 |
|
|
|
フィールドから |
|
|
|
すべての |
|
|
|
すべての |
|
|
|
ある |
|
|
|
|
|
||
ある |
|
|
|
|
|
古い文法を残した状態で新しい文法を使って同じ変数を再定義した場合、 新しいバージョン のみ が保持され、問題を通知するために警告が発せられます。例えば、quarkus.kubernetes.env-vars.my-env-var.value=foobar と quarkus.kubernetes.env.vars.my-env-var=newValue の両方を定義した場合、エクステンションは環境変数 MY_ENV_VAR=newValue のみを生成して警告を発します。
|
ボリュームのマウント
Kubernetes エクステンションを使用すると、アプリケーションのボリュームとマウントの両方を設定することができます。 簡単な設定で任意のボリュームをマウントすることができます。
quarkus.kubernetes.mounts.my-volume.path=/where/to/mount
これにより、Pod のパス /where/to/mount
にボリューム my-volume
のマウントを追加します。 ボリューム自体は、以下のセクションに示すように設定することができます。
アプリケーション設定の受け渡し
Quarkus は、(Smallrye Config を介して) 外部の場所から設定を渡すことをサポートしています。これには通常、追加の環境変数またはシステムプロパティーを設定する必要があります。アプリケーション設定の目的でシークレットまたは設定マップを使用する必要がある場合は、次のことを行う必要があります。
-
ボリュームを定義する
-
ボリュームをマウントする
-
SMALLRYE_CONFIG_LOCATIONS
の環境変数を作成する
物事を単純化するために、Quarkus はシングルステップの代替手段を提供しています。
quarkus.kubernetes.app-secret=<name of the secret containing the configuration>
または
quarkus.kubernetes.app-config-map=<name of the config map containing the configuration>
これらのプロパティを使用すると、生成されたマニフェストには必要なものがすべて含まれます。 アプリケーションのコンフィグボリュームは、Secret と ConfigMap にそれぞれパスを使用して作成されます。Secret と ConfigMap はそれぞれ /mnt/app-secret
と /mnt/app-config-map
を使用して作成されます。
注:ユーザーは両方のプロパティを同時に使用することができます。
rediness および liveness プローブを追加する
デフォルトでは、Kubernetesリソースは、生成された Deployment
の中に readiness と liveness のプローブを含みません。しかし、これらを追加するには、以下のように SmallRye Health エクステンションを追加するだけです。
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-smallrye-health</artifactId>
</dependency>
implementation("io.quarkus:quarkus-smallrye-health")
The values of the generated probes will be determined by the configured health properties: quarkus.smallrye-health.root-path
, quarkus.smallrye-health.liveness-path
and quarkus.smallrye-health.readiness-path
.
More information about the health extension can be found in the relevant guide.
readiness probeのカスタマイズ
プローブの初期遅延を 20 秒、周期を 45 秒に設定します。
quarkus.kubernetes.readiness-probe.initial-delay=20s
quarkus.kubernetes.readiness-probe.period=45s
hostAliases の追加
Podの /etc/hosts
ファイルにエントリを追加するには(詳細は Kubernetes のドキュメント を参照)、以下の設定を適用するだけです。
quarkus.kubernetes.hostaliases."10.0.0.0".hostnames=foo.com,bar.org
これにより、 deployment
定義の中に以下の hostAliases
セクションが生成されます。
kind: Deployment
spec:
template:
spec:
hostAliases:
- hostnames:
- foo.com
- bar.org
ip: 10.0.0.0
コンテナリソース管理
CPUやメモリの制限やリクエストは、以下の設定で Container
(詳細は Kubernetes のドキュメント を参照) に適用することができます。
quarkus.kubernetes.resources.requests.memory=64Mi
quarkus.kubernetes.resources.requests.cpu=250m
quarkus.kubernetes.resources.limits.memory=512Mi
quarkus.kubernetes.resources.limits.cpu=1000m
これにより、 container
セクションに以下のエントリが生成されます。
containers:
- resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 250m
memory: 64Mi
アプリケーションをKubernetesに公開
Kubernetes は、 Ingress リソース を使用してアプリケーションを公開します。Ingress リソースを生成するには、次の設定を適用するだけです。
quarkus.kubernetes.ingress.expose=true
この場合、以下のような Ingress リソースが生成されます。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
app.quarkus.io/commit-id: a58d2211c86f07a47d4b073ea9ce000d2c6828d5
app.quarkus.io/build-timestamp: 2022-06-29 - 13:22:41 +0000
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /
pathType: Prefix
これらのリソースを Kubernetes にデプロイすると、Ingress リソースによって、セキュリティーで保護されていない接続がアプリケーションに到達できるようになります。
Ingressルールの追加
生成されたIngressリソースのデフォルトの host
、 path
プロパティをカスタマイズするには、次の設定を適用する必要があります:
quarkus.kubernetes.ingress.expose=true
# To change the Ingress host. By default, it's empty.
quarkus.kubernetes.ingress.host=prod.svc.url
# To change the Ingress path of the generated Ingress rule. By default, it's "/".
quarkus.kubernetes.ports.http.path=/prod
この場合、以下のような Ingress リソースが生成されます。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- host: prod.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /prod
pathType: Prefix
以下の設定を適用することで、新しいIngressルールを追加することもできます:
# Example to add a new rule
quarkus.kubernetes.ingress.rules.1.host=dev.svc.url
quarkus.kubernetes.ingress.rules.1.path=/dev
quarkus.kubernetes.ingress.rules.1.path-type=ImplementationSpecific
# by default, path type is Prefix
# Example to add a new rule that use another service binding
quarkus.kubernetes.ingress.rules.2.host=alt.svc.url
quarkus.kubernetes.ingress.rules.2.path=/ea
quarkus.kubernetes.ingress.rules.2.service-name=updated-service
quarkus.kubernetes.ingress.rules.2.service-port-name=tcpurl
この場合、以下のような Ingress リソースが生成されます。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- host: prod.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /prod
pathType: Prefix
- host: dev.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /dev
pathType: ImplementationSpecific
- host: alt.svc.url
http:
paths:
- backend:
service:
name: updated-service
port:
name: tcpurl
path: /ea
pathType: Prefix
Ingressリソースの保護
着信接続を保護するために、Kubernetes では、TLS 秘密鍵と証明書を含むシークレットを指定することで、Ingress リソース内で TLS を有効にすることができます。 "tls.secret-name" プロパティーを追加するだけで、安全な Ingress リソースを生成できます。
quarkus.kubernetes.ingress.expose=true
## Ingress TLS configuration:
quarkus.kubernetes.ingress.tls.my-secret.enabled=true
この設定では、以下のようなセキュアな Ingress リソースが生成されます。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
...
name: kubernetes-with-secure-ingress
spec:
rules:
...
tls:
- secretName: my-secret
これで、Kubernetes は、 "my-secret" という名前のシークレット内で提供された証明書を使用して、SSL を使用してすべての着信接続を検証します。
シークレットの作成方法の詳細については、 こちら を参照してください。 |
Kubernetes クライアントの使用
Kubernetesにデプロイされ、APIサーバにアクセスする必要があるアプリケーションは、通常 kubernetes-client
エクステンションを利用します。
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kubernetes-client</artifactId>
</dependency>
implementation("io.quarkus:quarkus-kubernetes-client")
Kubernetesクラスタ内からAPIサーバにアクセスするには、いくつかのRBAC関連リソースが必要です(ServiceAccountやRoleBindingなど)。 kubernetes-client
エクステンションの使い方を簡単にするために、 kubernetes
エクステンションは、"view"という名前のクラスタロールをアプリケーションのServiceAccountリソースにバインドするRoleBindingリソースを生成します。クラスタロール"view"は自動生成されないので、クラスタに"view"という名前のクラスタロールがすでにインストールされていることが期待されます。
一方、 quarkus.kubernetes.rbac.role-bindings
のプロパティを使用して、生成するロール、サブジェクト、ロールバインディングを完全にカスタマイズすることができます。もし存在すれば、 kubernetes-client
エクステンションはそれを使用するので、RoleBindingリソースは生成しません。
プロパティ |
RBACリソースの生成
シナリオによっては、Kubernetesが他のリソースへのアクセスを許可または制限するために使用される追加の RBAC リソースを生成する必要があります。例えば、今回のユースケースでは、インストールされているデプロイのリストを読む必要のある Kubernetesオペレーター を構築しています。これを行うには、オペレータにサービスアカウントを割り当て、このサービスアカウントとDeploymentリソースへのアクセスを許可するロールをリンクする必要があります。 quarkus.kubernetes.rbac
のプロパティを使用して、この方法を確認してみましょう:
# Generate the Role resource with name "my-role" (1)
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.verbs=list
1 | この例では、デプロイメントのリストを取得するためのポリシールールを持つロール"my-role"が生成されることになります。 |
デフォルトでは、1つのロールが設定されている場合、このロールとServiceAccountリソースをリンクするためのRoleBindingリソースも生成されます。
さらに、生成されるRBACリソースをよりコントロールすることができます:
# Generate Role resource with name "my-role" (1)
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.verbs=get,watch,list
# Generate ServiceAccount resource with name "my-service-account" in namespace "my_namespace" (2)
quarkus.kubernetes.rbac.service-accounts.my-service-account.namespace=my_namespace
# Bind Role "my-role" with ServiceAccount "my-service-account" (3)
quarkus.kubernetes.rbac.role-bindings.my-role-binding.subjects.my-service-account.kind=ServiceAccount
quarkus.kubernetes.rbac.role-bindings.my-role-binding.subjects.my-service-account.namespace=my_namespace
quarkus.kubernetes.rbac.role-bindings.my-role-binding.role-name=my-role
1 | この例では、指定されたポリシールールでロール "my-role" が生成されます。 |
2 | また、サービスアカウント "my-service-account" が生成されます。 |
3 | そして、生成されたRoleBindingリソースは、使用するロールとサブジェクトを選択することで設定することができます。 |
最後に、以下のように"ClusterRole"種類のクラスタワイドロールリソースと"ClusterRoleBinding"リソースを生成することもできます:
# Generate ClusterRole resource with name "my-cluster-role" (1)
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.verbs=get,watch,list
# Bind the ClusterRole "my-cluster-role" with the application service account
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.subjects.manager.kind=Group
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.subjects.manager.api-group=rbac.authorization.k8s.io
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.role-name=my-cluster-role (2)
1 | この例では、指定されたポリシールールでクラスタロール"my-cluster-role"が生成されることになります。 |
2 | 使用するClusterRoleリソースの名前です。Roleリソースは名前空間ベースであるため、ClusterRoleBindingリソースでは使用できません。 |
ローカルKubernetesへのデプロイ
ローカルのKubernetes環境にデプロイするとき、ユーザーは開発プロセスを簡素化するために、マニフェストにマイナーな変更を行うことがよくあります。 最も一般的な変更は次のとおりです:
-
imagePullPolicy
にIfNotPresent
をセット -
Service
のtypeとしてNodePort
を使用
Quarkusには、これらのオプションをデフォルトで設定するエクステンションがあります。 そのようなエクステンションは以下のとおりです:
-
quarkus-minikube
-
quarkus-kind
エクステンションのリストが使用しているツール(例:Docker Desktop、microk8sなど)と一致しない場合は、 quarkus-minikube
のエクステンションを使用することをお勧めします。
そのデフォルト値は殆どの環境で妥当なためです。
Minikube へのデプロイ
Minikube は、開発目的でKubernetesクラスタが必要な場合に非常に人気があります。Minikubeへのデプロイをできるだけ摩擦のないものにするために、Quarkusは quarkus-minikube
エクステンションを提供しています。このエクステンションは、以下のようなプロジェクトに追加することができます。
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-minikube</artifactId>
</dependency>
implementation("io.quarkus:quarkus-minikube")
このエクステンションの目的は、Minikube に合わせた Kubernetes マニフェスト (minikube.yaml
および minikube.json
) を生成することです。このエクステンションは、いくつかのことを前提としています。
-
ユーザーはイメージレジストリを使用せず、コンテナイメージをMinikubeのDockerデーモンに直接ビルドしてKubernetesクラスタにアクセスできるようにします。MinikubeのDockerデーモンを使用するには、まず実行する必要があります。
eval $(minikube -p minikube docker-env)
-
Kubernetesにデプロイされたアプリケーションは、Kubernetesの
Ingress
ではなく、NodePort
Service
としてアクセスされます。 この方法の利点は、アプリケーションのURLを実行することで、アプリケーションのURLを簡単に取得できることです。minikube service list
この場合に使用される nodePort を制御するために、ユーザーは quarkus.kubernetes.node-port
を設定することができます。 しかし、何も設定されていない場合、Quarkusは自動的に適切な(変更されない)値を使用するため、この設定は完全に任意であることに注意してください。
本番環境へのデプロイ時に Minikube エクステンションで生成されたマニフェストを使用することはまったくお勧めできません。本番環境にデプロイする場合は、バニラ Kubernetes マニフェスト (または OpenShift をターゲットにしている場合は OpenShift マニフェスト) の使用を検討してください。 |
Minikube エクステンションが想定している前提がワークフローに合わない場合、通常の Kubernetes エクステンションを使用して Kubernetes マニフェストを生成し、それを Minikube クラスタに適用することを妨げるものは何もありません。 |
Kind へのデプロイメント
Kind は、開発目的で Kubernetes クラスターとして使用されるもう 1 つの一般的なツールです。Kind エクスペリエンスへのデプロイを可能な限りスムーズにするために、Quarkus は quarkus-kind
エクステンションを提供します。このエクステンションは、次のようにプロジェクトに追加できます。
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kind</artifactId>
</dependency>
このエクステンションの目的は、Kind に合わせた Kubernetes マニフェスト (kind.yaml
と kind.json
) を生成することと、コンテナーイメージのビルドを行う際にクラスターにイメージをロードする処理を自動化することにあります。テーラーメードのマニフェストは、Minikube (上記を参照) と非常によく似ています (同じルールを共有)。
application.properties を使用して生成されたリソースをチューニングする
Kubernetes のエクステンションでは、application.properties
ファイルを使用して生成されたマニフェストをチューニングすることができます。 ここではいくつかの例を紹介します。
設定オプション
以下の表は、利用可能なすべての設定オプションについて説明しています。
ビルド時に固定される構成プロパティ - 他のすべての構成プロパティは実行時にオーバーライド可能
Configuration property |
タイプ |
デフォルト |
---|---|---|
The name of the group this component belongs too Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: - Deployment - Service and so on … Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The kind of the deployment resource to use. Supported values are 'StatefulSet', 'Job', 'CronJob' and 'Deployment' defaulting to the latter. Environment variable: Show more |
|
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#context for more details). Environment variable: Show more |
string |
|
Custom labels to add to all resources Environment variable: Show more |
Map<String,String> |
|
Custom annotations to add to all resources Environment variable: Show more |
Map<String,String> |
|
Whether to add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources Environment variable: Show more |
ブーリアン |
|
Working directory Environment variable: Show more |
string |
|
list of string |
||
The arguments Environment variable: Show more |
list of string |
|
The service account Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
The number of desired pods Environment variable: Show more |
int |
|
Specifies the deployment strategy. Environment variable: Show more |
|
|
Specifies the maximum number of Pods that can be unavailable during the update process. Environment variable: Show more |
string |
|
Specifies the maximum number of Pods that can be created over the desired number of Pods. Environment variable: Show more |
string |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
The nodePort to set when serviceType is set to node-port. Environment variable: Show more |
int |
|
Image pull policy Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
ブーリアン |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
ブーリアン |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
ブーリアン |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
ブーリアン |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
ブーリアン |
|
EmptyDir volumes Environment variable: Show more |
list of string |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
ブーリアン |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The map associating environment name to its associated value. Environment variable: Show more |
Map<String,Optional<String>> |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The map associating environment name to its associated value. Environment variable: Show more |
Map<String,Optional<String>> |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The target deployment platform. Defaults to kubernetes. Can be kubernetes, openshift, knative, minikube etc., or any combination of the above as comma separated list. Environment variable: Show more |
list of string |
|
The ip address Environment variable: Show more |
string |
|
The hostnames to resolve to the ip Environment variable: Show more |
list of string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
Map<String,String> |
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
ブーリアン |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
ブーリアン |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource. Environment variable: Show more |
string |
required |
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
If true, the service will be exposed Environment variable: Show more |
ブーリアン |
|
The host under which the application is going to be exposed Environment variable: Show more |
string |
|
The default target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https". Environment variable: Show more |
string |
|
The class of the Ingress. If the ingressClassName is omitted, a default Ingress class is used. Environment variable: Show more |
string |
|
Custom annotations to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
If true, it will use the TLS configuration in the generated Ingress resource. Environment variable: Show more |
ブーリアン |
|
The list of hosts to be included in the TLS certificate. By default, it will use the application host. Environment variable: Show more |
list of string |
|
The host under which the rule is going to be used. Environment variable: Show more |
string |
required |
The path under which the rule is going to be used. Default is "/". Environment variable: Show more |
string |
|
The path type strategy to use by the Ingress rule. Default is "Prefix". Environment variable: Show more |
string |
|
The service name to be used by this Ingress rule. Default is the generated service name of the application. Environment variable: Show more |
string |
|
The service port name to be used by this Ingress rule. Default is the port name of the generated service of the application. Environment variable: Show more |
string |
|
The service port number to be used by this Ingress rule. This is only used when the servicePortName is not set. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
長 |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
ブーリアン |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. Environment variable: Show more |
string |
|
ConcurrencyPolicy describes how the job will be handled. Environment variable: Show more |
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones. Environment variable: Show more |
長 |
|
The number of failed finished jobs to retain. The default value is 1. Environment variable: Show more |
int |
|
The number of successful finished jobs to retain. The default value is 3. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
長 |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
ブーリアン |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
If true, the 'app.kubernetes.io/version' label will be part of the selectors of Service and Deployment Environment variable: Show more |
ブーリアン |
|
If true, the 'app.kubernetes.io/name' label will be part of the selectors of Service and Deployment Environment variable: Show more |
ブーリアン |
|
If set to true, Quarkus will attempt to deploy the application to the target Kubernetes cluster Environment variable: Show more |
ブーリアン |
|
If deploy is enabled, it will follow this strategy to update the resources to the target Kubernetes cluster. Environment variable: Show more |
|
|
If set, the secret will mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
If set, the config map will be mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
The SELinux level label that applies to the container. Environment variable: Show more |
string |
|
The SELinux role label that applies to the container. Environment variable: Show more |
string |
|
The SELinux type label that applies to the container. Environment variable: Show more |
string |
|
The SELinux user label that applies to the container. Environment variable: Show more |
string |
|
The name of the GMSA credential spec to use. Environment variable: Show more |
string |
|
GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. Environment variable: Show more |
string |
|
The UserName in Windows to run the entrypoint of the container process. Environment variable: Show more |
string |
|
HostProcess determines if a container should be run as a 'Host Process' container. Environment variable: Show more |
ブーリアン |
|
The UID to run the entrypoint of the container process. Environment variable: Show more |
長 |
|
The GID to run the entrypoint of the container process. Environment variable: Show more |
長 |
|
Indicates that the container must run as a non-root user. Environment variable: Show more |
ブーリアン |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container. Environment variable: Show more |
list of long |
|
A special supplemental group that applies to all containers in a pod. Environment variable: Show more |
長 |
|
Sysctls hold a list of namespaced sysctls used for the pod. Environment variable: Show more |
Map<String,String> |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always Environment variable: Show more |
|
|
If set, it will change the name of the container according to the configuration Environment variable: Show more |
string |
|
If true, the debug mode in pods will be enabled. Environment variable: Show more |
ブーリアン |
|
The transport to use. Environment variable: Show more |
string |
|
If enabled, it means the JVM will wait for the debugger to attach before executing the main class. If false, the JVM will immediately execute the main class, while listening for the debugger connection. Environment variable: Show more |
string |
|
It specifies the address at which the debug socket will listen. Environment variable: Show more |
int |
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
ブーリアン |
|
The init task image to use by the init-container. Environment variable: Show more |
string |
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
ブーリアン |
|
The init task image to use by the init-container. Environment variable: Show more |
string |
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility Environment variable: Show more |
ブーリアン |
|
Whether the vcs-uri annotation should be added to the generated configuration. Environment variable: Show more |
ブーリアン |
|
Optional override of the vcs-uri annotation. Environment variable: Show more |
string |
|
Optionally set directory generated kubernetes resources will be written to. Default is Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The map associating environment name to its associated value. Environment variable: Show more |
Map<String,Optional<String>> |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
非標準型を使用するプロパティーは、プロパティーを展開することで参照することができます。例えば、 Probe
型の kubernetes-readiness-probe
を定義するには次のようにします。
quarkus.kubernetes.readiness-probe.initial-delay=20s
quarkus.kubernetes.readiness-probe.period=45s
この例では、 initial-delay
と period
は Probe
タイプのフィールドです。以下に、利用可能なすべてのタイプを説明した表を示します。
クライアント接続の設定
Kubernetes クラスターへの接続の設定が必要な場合があります。デフォルトでは、kubectl
が使用するアクティブな context が自動的に使用されます。
たとえば、クラスター API のエンドポイントが自己署名入り SSL 証明書を使用している場合、それを信頼するようにクライアントを明示的に設定する必要があります。これを実現するには、以下のプロパティーを定義します。
quarkus.kubernetes-client.trust-certs=true
Kubernetes クライアント設定プロパティーの完全なリストを以下に示します。
ビルド時に固定される構成プロパティ - 他のすべての構成プロパティは、実行時にオーバーライド可能
Configuration property |
型 |
デフォルト |
---|---|---|
Whether the client should trust a self-signed certificate if so presented by the API server Environment variable: Show more |
boolean |
|
URL of the Kubernetes API server Environment variable: Show more |
string |
|
Default namespace to use Environment variable: Show more |
string |
|
CA certificate file Environment variable: Show more |
string |
|
CA certificate data Environment variable: Show more |
string |
|
Client certificate file Environment variable: Show more |
string |
|
Client certificate data Environment variable: Show more |
string |
|
Client key file Environment variable: Show more |
string |
|
Client key data Environment variable: Show more |
string |
|
Client key algorithm Environment variable: Show more |
string |
|
Client key passphrase Environment variable: Show more |
string |
|
Kubernetes auth username Environment variable: Show more |
string |
|
Kubernetes auth password Environment variable: Show more |
string |
|
Kubernetes oauth token Environment variable: Show more |
string |
|
Watch reconnect interval Environment variable: Show more |
|
|
Maximum reconnect attempts in case of watch failure By default there is no limit to the number of reconnect attempts Environment variable: Show more |
int |
|
Maximum amount of time to wait for a connection with the API server to be established Environment variable: Show more |
|
|
Maximum amount of time to wait for a request to the API server to be completed Environment variable: Show more |
|
|
Maximum number of retry attempts for API requests that fail with an HTTP code of >= 500 Environment variable: Show more |
int |
|
Time interval between retry attempts for API requests that fail with an HTTP code of >= 500 Environment variable: Show more |
|
|
HTTP proxy used to access the Kubernetes API server Environment variable: Show more |
string |
|
HTTPS proxy used to access the Kubernetes API server Environment variable: Show more |
string |
|
Proxy username Environment variable: Show more |
string |
|
Proxy password Environment variable: Show more |
string |
|
IP addresses or hosts to exclude from proxying Environment variable: Show more |
list of string |
|
Enable the generation of the RBAC manifests. If enabled and no other role binding are provided using the properties Environment variable: Show more |
boolean |
|
型 |
デフォルト |
|
If Dev Services for Kubernetes should be used. (default to true) If this is true and kubernetes client is not configured then a kubernetes cluster will be started and will be used. Environment variable: Show more |
boolean |
|
The kubernetes api server version to use. If not set, Dev Services for Kubernetes will use the latest supported version of the given flavor. see https://github.com/dajudge/kindcontainer/blob/master/k8s-versions.json Environment variable: Show more |
string |
|
The flavor to use (kind, k3s or api-only). Default to api-only. Environment variable: Show more |
|
|
By default, if a kubeconfig is found, Dev Services for Kubernetes will not start. Set this to true to override the kubeconfig config. Environment variable: Show more |
boolean |
|
Indicates if the Kubernetes cluster managed by Quarkus Dev Services is shared. When shared, Quarkus looks for running containers using label-based service discovery. If a matching container is found, it is used, and so a second one is not started. Otherwise, Dev Services for Kubernetes starts a new container. The discovery uses the Container sharing is only used in dev mode. Environment variable: Show more |
boolean |
|
The value of the This property is used when you need multiple shared Kubernetes clusters. Environment variable: Show more |
string |
|
Environment variables that are passed to the container. Environment variable: Show more |
Map<String,String> |
OpenShift
アプリケーションを OpenShift にデプロイする方法の1つとして、s2i(source to image)を使用してソースからイメージストリームを作成し、イメージストリームをデプロイする方法があります。
quarkus extension remove kubernetes,jib
quarkus extension add openshift
oc new-project quarkus-project
quarkus build -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greeting
./mvnw quarkus:remove-extension -Dextensions="kubernetes, jib"
./mvnw quarkus:add-extension -Dextensions="openshift"
oc new-project quarkus-project
./mvnw clean package -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greeting
./gradlew removeExtension --extensions="kubernetes, jib"
./gradlew addExtension --extensions="openshift"
oc new-project quarkus-project
./gradlew build -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greeting
詳細は OpenShift へのデプロイ を参照してください。
OpenShift リソースとカスタマイズ可能なプロパティの説明を、Kubernetes リソースと並べて以下に示します。これには、上記の oc new-app …
の代替、つまり oc apply -f target/kubernetes/openshift.json
も含まれます。
OpenShift リソースの生成を有効にするには、ターゲットプラットフォームに OpenShift を含める必要があります。
quarkus.kubernetes.deployment-target=openshift
両方のプラットフォーム(バニラKubernetesとOpenShift)のリソースを生成する必要がある場合は、両方を含める必要があります(カンマ区切り)。
quarkus.kubernetes.deployment-target=kubernetes,openshift
./mvnw package -Dquarkus.container-image.build=true
の実行後に、作成された他のファイルの中に openshift.json
と openshift.yml
という名前の 2 つのファイルが target/kubernetes/
ディレクトリーにあることに気づくでしょう。
これらのマニフェストは、 kubectl
を使用して、実行中のクラスターにそのままデプロイすることができます。
kubectl apply -f target/kubernetes/openshift.json
OpenShift のユーザーは、kubectl ではなく oc を使用したい場合があります。
oc apply -f target/kubernetes/openshift.json
application.properties
をデプロイメントプラットフォームから独立させたいユーザーのために、 -Dquarkus.kubernetes.deploy=true
に加えて -Dquarkus.kubernetes.deployment-target=openshift
を追加することで、デプロイコマンドでデプロイメントターゲットを直接指定することができます。さらに、Quarkusでは、この2つのプロパティを1つにまとめることができます( -Dquarkus.openshift.deploy=true
)。
./mvnw clean package -Dquarkus.openshift.deploy=true
gradleでの同等コマンド:
./gradlew build -Dquarkus.openshift.deploy=true
両プロパティが相反する値で使用されている場合、 quarkus.kubernetes.deployment-target
が使用されます。
Quarkus は OpenShift エクステンションも提供しています。このエクステンションは、基本的に Kubernetes エクステンションのラッパーであり、これにより、OpenShift ユーザーは deployment-target プロパティーを openshift に設定する必要がなくなります。
|
Kubernetesと同様のアプローチでOpenShiftのリソースをカスタマイズすることができます。
ビルド時に固定される設定プロパティ - 他のすべての設定プロパティは、実行時にオーバーライド可能
Configuration property |
タイプ |
デフォルト |
---|---|---|
The OpenShift flavor / version to use. Older versions of OpenShift have minor differences in the labels and fields they support. This option allows users to have their manifests automatically aligned to the OpenShift 'flavor' they use. Environment variable: Show more |
|
|
The kind of the deployment resource to use. Supported values are 'Deployment', 'StatefulSet', 'Job', 'CronJob' and 'DeploymentConfig'. Defaults to 'DeploymentConfig' if Environment variable: Show more |
|
|
The name of the group this component belongs too Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: 'Deployment', 'Service' and so on… Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#context for more details). Environment variable: Show more |
string |
|
Custom labels to add to all resources Environment variable: Show more |
Map<String,String> |
|
Custom annotations to add to all resources Environment variable: Show more |
Map<String,String> |
|
Add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources Environment variable: Show more |
ブーリアン |
|
Working directory Environment variable: Show more |
string |
|
list of string |
||
The arguments Environment variable: Show more |
list of string |
|
The service account Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
The number of desired pods Environment variable: Show more |
int |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
The nodePort to set when serviceType is set to nodePort Environment variable: Show more |
int |
|
Image pull policy Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
ブーリアン |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
ブーリアン |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
ブーリアン |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
ブーリアン |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
ブーリアン |
|
EmptyDir volumes Environment variable: Show more |
list of string |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
ブーリアン |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
ブーリアン |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The map associating environment name to its associated value. Environment variable: Show more |
Map<String,Optional<String>> |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
ブーリアン |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
ブーリアン |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
ブーリアン |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The map associating environment name to its associated value. Environment variable: Show more |
Map<String,Optional<String>> |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The ip address Environment variable: Show more |
string |
|
The hostnames to resolve to the ip Environment variable: Show more |
list of string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
If set, it will change the name of the container according to the configuration Environment variable: Show more |
string |
|
If true, the service will be exposed Environment variable: Show more |
ブーリアン |
|
The host under which the application is going to be exposed Environment variable: Show more |
string |
|
The target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https". Environment variable: Show more |
string |
|
Custom annotations to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
Custom labels to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
The cert authority certificate contents. Environment variable: Show more |
string |
|
The certificate contents. Environment variable: Show more |
string |
|
The contents of the ca certificate of the final destination. Environment variable: Show more |
string |
|
The desired behavior for insecure connections to a route. Environment variable: Show more |
string |
|
The key file contents. Environment variable: Show more |
string |
|
The termination type. Environment variable: Show more |
string |
|
If true, the 'app.kubernetes.io/version' label will be part of the selectors of Service and DeploymentConfig Environment variable: Show more |
ブーリアン |
|
If true, the 'app.kubernetes.io/name' label will be part of the selectors of Service and Deployment Environment variable: Show more |
ブーリアン |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
長 |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
ブーリアン |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. Environment variable: Show more |
string |
|
ConcurrencyPolicy describes how the job will be handled. Environment variable: Show more |
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones. Environment variable: Show more |
長 |
|
The number of failed finished jobs to retain. The default value is 1. Environment variable: Show more |
int |
|
The number of successful finished jobs to retain. The default value is 3. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
長 |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
ブーリアン |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
Map<String,String> |
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
ブーリアン |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
ブーリアン |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|