From 0c8c2cfefbb005d20b89d834b9f631181303bd4c Mon Sep 17 00:00:00 2001 From: musa-asad Date: Thu, 26 Dec 2024 08:40:02 -0500 Subject: [PATCH 1/6] Allow X-Ray and Application Signals Port Compatibility --- .../collector/adapters/config_from.go | 24 ++- internal/manifests/collector/ports.go | 132 +++++++++------ internal/manifests/collector/ports_test.go | 160 ++++++++++++------ .../application_signals_only_traces.json | 7 + .../application_signals_xray_traces.json | 8 + pkg/instrumentation/defaultinstrumentation.go | 4 +- 6 files changed, 220 insertions(+), 115 deletions(-) create mode 100644 internal/manifests/collector/test-resources/application_signals_only_traces.json create mode 100644 internal/manifests/collector/test-resources/application_signals_xray_traces.json diff --git a/internal/manifests/collector/adapters/config_from.go b/internal/manifests/collector/adapters/config_from.go index 12cc486f..e35e37fb 100644 --- a/internal/manifests/collector/adapters/config_from.go +++ b/internal/manifests/collector/adapters/config_from.go @@ -71,8 +71,10 @@ type LogMetricsCollected struct { } type TracesCollected struct { - XRay *xray `json:"xray,omitempty"` - OTLP *otlp `json:"otlp,omitempty"` + XRay *xray `json:"xray,omitempty"` + OTLP *otlp `json:"otlp,omitempty"` + ApplicationSignals *AppSignals `json:"application_signals,omitempty"` + AppSignals *AppSignals `json:"app_signals,omitempty"` } type statsD struct { @@ -126,7 +128,7 @@ func ConfigStructFromJSONString(configStr string) (*CwaConfig, error) { return config, nil } -func (c *CwaConfig) GetApplicationSignalsConfig() *AppSignals { +func (c *CwaConfig) GetApplicationSignalsMetricsConfig() *AppSignals { if c.Logs == nil { return nil } @@ -141,3 +143,19 @@ func (c *CwaConfig) GetApplicationSignalsConfig() *AppSignals { } return nil } + +func (c *CwaConfig) GetApplicationSignalsTracesConfig() *AppSignals { + if c.Traces == nil { + return nil + } + if c.Traces.TracesCollected == nil { + return nil + } + if c.Traces.TracesCollected.ApplicationSignals != nil { + return c.Traces.TracesCollected.ApplicationSignals + } + if c.Traces.TracesCollected.AppSignals != nil { + return c.Traces.TracesCollected.AppSignals + } + return nil +} diff --git a/internal/manifests/collector/ports.go b/internal/manifests/collector/ports.go index 60099db4..fab578f1 100644 --- a/internal/manifests/collector/ports.go +++ b/internal/manifests/collector/ports.go @@ -21,50 +21,36 @@ import ( ) const ( - StatsD = "statsd" - CollectD = "collectd" - XrayProxy = "aws-proxy" - XrayTraces = "aws-traces" - OtlpGrpc = "otlp-grpc" - OtlpHttp = "otlp-http" - AppSignalsGrpc = "appsig-grpc" - AppSignalsHttp = "appsig-http" - AppSignalsProxy = "appsig-xray" - AppSignalsGrpcSA = ":4315" - AppSignalsHttpSA = ":4316" - AppSignalsProxySA = ":2000" - AppSignalsServerSA = ":4311" - EMF = "emf" - EMFTcp = "emf-tcp" - EMFUdp = "emf-udp" - CWA = "cwa-" - JmxHttp = "jmx-http" - Server = "server" + StatsD = "statsd" + CollectD = "collectd" + XrayProxy = "aws-proxy" + XrayTraces = "aws-traces" + OtlpGrpc = "otlp-grpc" + OtlpHttp = "otlp-http" + AppSignalsGrpc = CWA + "appsig-grpc" + AppSignalsHttp = CWA + "appsig-http" + AppSignalsProxy = CWA + "appsig-xray" + EMF = "emf" + EMFTcp = "emf-tcp" + EMFUdp = "emf-udp" + CWA = "cwa-" + JmxHttp = "jmx-http" + Server = CWA + "server" ) var receiverDefaultPortsMap = map[string]int32{ - StatsD: 8125, - CollectD: 25826, - XrayTraces: 2000, - JmxHttp: 4314, - OtlpGrpc: 4317, - OtlpHttp: 4318, - EMF: 25888, -} - -var AppSignalsPortToServicePortMap = map[int32][]corev1.ServicePort{ - 4315: {{ - Name: AppSignalsGrpc, - Port: 4315, - }}, - 4316: {{ - Name: AppSignalsHttp, - Port: 4316, - }}, - 2000: {{ - Name: AppSignalsProxy, - Port: 2000, - }}, + StatsD: 8125, + CollectD: 25826, + XrayProxy: 2000, + XrayTraces: 2000, + OtlpGrpc: 4317, + OtlpHttp: 4318, + AppSignalsGrpc: 4315, + AppSignalsHttp: 4316, + AppSignalsProxy: 2000, + EMF: 25888, + JmxHttp: 4314, + Server: 4311, } func PortMapToServicePortList(portMap map[int32][]corev1.ServicePort) []corev1.ServicePort { @@ -148,8 +134,12 @@ func getServicePortsFromCWAgentConfig(logger logr.Logger, config *adapters.CwaCo return PortMapToServicePortList(servicePortsMap) } -func isAppSignalEnabled(config *adapters.CwaConfig) bool { - return config.GetApplicationSignalsConfig() != nil +func isAppSignalEnabledMetrics(config *adapters.CwaConfig) bool { + return config.GetApplicationSignalsMetricsConfig() != nil +} + +func isAppSignalEnabledTraces(config *adapters.CwaConfig) bool { + return config.GetApplicationSignalsTracesConfig() != nil } func getMetricsReceiversServicePorts(logger logr.Logger, config *adapters.CwaConfig, servicePortsMap map[int32][]corev1.ServicePort) { @@ -184,8 +174,23 @@ func getReceiverServicePort(logger logr.Logger, serviceAddress string, receiverN if err != nil { logger.Error(err, "error parsing port from endpoint for receiver", zap.String("endpoint", serviceAddress), zap.String("receiver", receiverName)) } else { - if _, ok := servicePortsMap[port]; ok { - logger.Info("Duplicate port has been configured in Agent Config for port", zap.Int32("port", port)) + if ports, exists := servicePortsMap[port]; exists { + for _, existingPort := range ports { + if existingPort.Protocol == protocol { + logger.Info("Duplicate port and protocol combination configured", zap.Int32("port", port), zap.String("protocol", string(protocol))) + return + } + } + name := CWA + receiverName + if receiverName == OtlpGrpc || receiverName == OtlpHttp { + name = fmt.Sprintf("%s-%d", receiverName, port) + } + sp := corev1.ServicePort{ + Name: name, + Port: port, + Protocol: protocol, + } + servicePortsMap[port] = append(servicePortsMap[port], sp) } else { name := CWA + receiverName if receiverName == OtlpGrpc || receiverName == OtlpHttp { @@ -200,15 +205,27 @@ func getReceiverServicePort(logger logr.Logger, serviceAddress string, receiverN } } } else { - if _, ok := servicePortsMap[receiverDefaultPortsMap[receiverName]]; ok { - logger.Info("Duplicate port has been configured in Agent Config for port", zap.Int32("port", receiverDefaultPortsMap[receiverName])) + defaultPort := receiverDefaultPortsMap[receiverName] + if ports, exists := servicePortsMap[defaultPort]; exists { + for _, existingPort := range ports { + if existingPort.Protocol == protocol { + logger.Info("Duplicate port and protocol combination configured", zap.Int32("port", defaultPort), zap.String("protocol", string(protocol))) + return + } + } + sp := corev1.ServicePort{ + Name: receiverName, + Port: defaultPort, + Protocol: protocol, + } + servicePortsMap[defaultPort] = append(servicePortsMap[defaultPort], sp) } else { sp := corev1.ServicePort{ Name: receiverName, - Port: receiverDefaultPortsMap[receiverName], + Port: defaultPort, Protocol: protocol, } - servicePortsMap[receiverDefaultPortsMap[receiverName]] = []corev1.ServicePort{sp} + servicePortsMap[defaultPort] = []corev1.ServicePort{sp} } } } @@ -278,22 +295,25 @@ func getTracesReceiversServicePorts(logger logr.Logger, config *adapters.CwaConf //Xray if config.Traces.TracesCollected.XRay != nil { getReceiverServicePort(logger, config.Traces.TracesCollected.XRay.BindAddress, XrayTraces, corev1.ProtocolUDP, servicePortsMap) + serviceAddress := "" if config.Traces.TracesCollected.XRay.TCPProxy != nil { - getReceiverServicePort(logger, config.Traces.TracesCollected.XRay.TCPProxy.BindAddress, XrayProxy, corev1.ProtocolTCP, servicePortsMap) + serviceAddress = config.Traces.TracesCollected.XRay.TCPProxy.BindAddress } + getReceiverServicePort(logger, serviceAddress, XrayProxy, corev1.ProtocolTCP, servicePortsMap) } return tracesPorts } func getApplicationSignalsReceiversServicePorts(logger logr.Logger, config *adapters.CwaConfig, servicePortsMap map[int32][]corev1.ServicePort) { - if !isAppSignalEnabled(config) { - return + if isAppSignalEnabledMetrics(config) || isAppSignalEnabledTraces(config) { + getReceiverServicePort(logger, "", AppSignalsGrpc, corev1.ProtocolTCP, servicePortsMap) + getReceiverServicePort(logger, "", AppSignalsHttp, corev1.ProtocolTCP, servicePortsMap) + getReceiverServicePort(logger, "", Server, corev1.ProtocolTCP, servicePortsMap) } - getReceiverServicePort(logger, AppSignalsGrpcSA, AppSignalsGrpc, corev1.ProtocolTCP, servicePortsMap) - getReceiverServicePort(logger, AppSignalsHttpSA, AppSignalsHttp, corev1.ProtocolTCP, servicePortsMap) - getReceiverServicePort(logger, AppSignalsProxySA, AppSignalsProxy, corev1.ProtocolTCP, servicePortsMap) - getReceiverServicePort(logger, AppSignalsServerSA, Server, corev1.ProtocolTCP, servicePortsMap) + if isAppSignalEnabledTraces(config) { + getReceiverServicePort(logger, "", AppSignalsProxy, corev1.ProtocolTCP, servicePortsMap) + } } func portFromEndpoint(endpoint string) (int32, error) { diff --git a/internal/manifests/collector/ports_test.go b/internal/manifests/collector/ports_test.go index 16c3944d..97e14d4e 100644 --- a/internal/manifests/collector/ports_test.go +++ b/internal/manifests/collector/ports_test.go @@ -48,19 +48,66 @@ func TestDefaultCollectDGetContainerPorts(t *testing.T) { assert.Equal(t, corev1.ProtocolUDP, containerPorts[CollectD].Protocol) } -func TestApplicationSignals(t *testing.T) { +func TestApplicationSignalsMetrics(t *testing.T) { cfg := getStringFromFile("./test-resources/application_signals.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) + assert.Equal(t, 3, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) +} + +func TestApplicationSignalsTraces(t *testing.T) { + cfg := getStringFromFile("./test-resources/application_signals_only_traces.json") + containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) + assert.Equal(t, 4, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) + assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) + assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) +} + +func TestApplicationSignalsMetricsAndTraces(t *testing.T) { + cfg := getStringFromFile("./test-resources/application_signals_with_traces.json") + containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) assert.Equal(t, 4, len(containerPorts)) - assert.Equal(t, int32(4311), containerPorts[CWA+Server].ContainerPort) - assert.Equal(t, CWA+Server, containerPorts[CWA+Server].Name) - assert.Equal(t, corev1.ProtocolTCP, containerPorts[CWA+Server].Protocol) - assert.Equal(t, int32(4315), containerPorts[CWA+AppSignalsGrpc].ContainerPort) - assert.Equal(t, CWA+AppSignalsGrpc, containerPorts[CWA+AppSignalsGrpc].Name) - assert.Equal(t, int32(4316), containerPorts[CWA+AppSignalsHttp].ContainerPort) - assert.Equal(t, CWA+AppSignalsHttp, containerPorts[CWA+AppSignalsHttp].Name) - assert.Equal(t, int32(2000), containerPorts[CWA+AppSignalsProxy].ContainerPort) - assert.Equal(t, CWA+AppSignalsProxy, containerPorts[CWA+AppSignalsProxy].Name) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) + assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) + assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) +} + +func TestApplicationSignalsXRayTraces(t *testing.T) { + cfg := getStringFromFile("./test-resources/application_signals_xray_traces.json") + containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) + assert.Equal(t, 5, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) + assert.Equal(t, int32(2000), containerPorts[XrayTraces].ContainerPort) + assert.Equal(t, XrayTraces, containerPorts[XrayTraces].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts[XrayTraces].Protocol) + assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) + assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) } func TestEMFGetContainerPorts(t *testing.T) { @@ -82,6 +129,11 @@ func TestXrayAndOTLPGetContainerPorts(t *testing.T) { Protocol: corev1.ProtocolUDP, ContainerPort: int32(2000), }, + { + Name: CWA + XrayProxy, + Protocol: corev1.ProtocolTCP, + ContainerPort: int32(2000), + }, { Name: OtlpGrpc + "-4327", Protocol: corev1.ProtocolTCP, @@ -100,9 +152,13 @@ func TestXrayAndOTLPGetContainerPorts(t *testing.T) { func TestDefaultXRayAndOTLPGetContainerPorts(t *testing.T) { cfg := getStringFromFile("./test-resources/xrayAndOTLPDefaultAgentConfig.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) - assert.Equal(t, 3, len(containerPorts)) + assert.Equal(t, 4, len(containerPorts)) assert.Equal(t, int32(2000), containerPorts[XrayTraces].ContainerPort) assert.Equal(t, XrayTraces, containerPorts[XrayTraces].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts[XrayTraces].Protocol) + assert.Equal(t, int32(2000), containerPorts[XrayTraces].ContainerPort) + assert.Equal(t, XrayProxy, containerPorts[XrayProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[XrayProxy].Protocol) assert.Equal(t, int32(4317), containerPorts[OtlpGrpc].ContainerPort) assert.Equal(t, OtlpGrpc, containerPorts[OtlpGrpc].Name) assert.Equal(t, corev1.ProtocolTCP, containerPorts[OtlpGrpc].Protocol) @@ -158,25 +214,20 @@ func TestMultipleReceiversGetContainerPorts(t *testing.T) { cfg = strings.Replace(cfg, "2900", "2000", 1) // set Xray proxy to port 2000 wantPorts := []corev1.ContainerPort{ { - Name: CWA + Server, + Name: Server, Protocol: corev1.ProtocolTCP, ContainerPort: int32(4311), }, { - Name: CWA + AppSignalsGrpc, + Name: AppSignalsGrpc, Protocol: corev1.ProtocolTCP, ContainerPort: int32(4315), }, { - Name: CWA + AppSignalsHttp, + Name: AppSignalsHttp, Protocol: corev1.ProtocolTCP, ContainerPort: int32(4316), }, - { - Name: CWA + AppSignalsProxy, - Protocol: corev1.ProtocolTCP, - ContainerPort: int32(2000), - }, { Name: CWA + StatsD, Protocol: corev1.ProtocolUDP, @@ -202,6 +253,11 @@ func TestMultipleReceiversGetContainerPorts(t *testing.T) { Protocol: corev1.ProtocolUDP, ContainerPort: int32(2800), }, + { + Name: CWA + XrayProxy, + Protocol: corev1.ProtocolTCP, + ContainerPort: int32(2000), + }, { Name: OtlpGrpc + "-4327", Protocol: corev1.ProtocolTCP, @@ -315,15 +371,13 @@ func TestValidJSONAndValidOtelConfig(t *testing.T) { cfg := getStringFromFile("./test-resources/application_signals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/otlpOtelConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) - assert.Equal(t, 5, len(containerPorts)) - assert.Equal(t, int32(4311), containerPorts[CWA+Server].ContainerPort) - assert.Equal(t, CWA+Server, containerPorts[CWA+Server].Name) - assert.Equal(t, int32(4315), containerPorts[CWA+AppSignalsGrpc].ContainerPort) - assert.Equal(t, CWA+AppSignalsGrpc, containerPorts[CWA+AppSignalsGrpc].Name) - assert.Equal(t, int32(4316), containerPorts[CWA+AppSignalsHttp].ContainerPort) - assert.Equal(t, CWA+AppSignalsHttp, containerPorts[CWA+AppSignalsHttp].Name) - assert.Equal(t, int32(2000), containerPorts[CWA+AppSignalsProxy].ContainerPort) - assert.Equal(t, CWA+AppSignalsProxy, containerPorts[CWA+AppSignalsProxy].Name) + assert.Equal(t, 4, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) assert.Equal(t, int32(4317), containerPorts[OtlpGrpc].ContainerPort) assert.Equal(t, OtlpGrpc, containerPorts[OtlpGrpc].Name) } @@ -332,30 +386,26 @@ func TestValidJSONAndInvalidOtelConfig(t *testing.T) { cfg := getStringFromFile("./test-resources/application_signals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/invalidOtlpConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) - assert.Equal(t, 4, len(containerPorts)) - assert.Equal(t, int32(4311), containerPorts[CWA+Server].ContainerPort) - assert.Equal(t, CWA+Server, containerPorts[CWA+Server].Name) - assert.Equal(t, int32(4315), containerPorts[CWA+AppSignalsGrpc].ContainerPort) - assert.Equal(t, CWA+AppSignalsGrpc, containerPorts[CWA+AppSignalsGrpc].Name) - assert.Equal(t, int32(4316), containerPorts[CWA+AppSignalsHttp].ContainerPort) - assert.Equal(t, CWA+AppSignalsHttp, containerPorts[CWA+AppSignalsHttp].Name) - assert.Equal(t, int32(2000), containerPorts[CWA+AppSignalsProxy].ContainerPort) - assert.Equal(t, CWA+AppSignalsProxy, containerPorts[CWA+AppSignalsProxy].Name) + assert.Equal(t, 3, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) } func TestValidJSONAndConflictingOtelConfig(t *testing.T) { cfg := getStringFromFile("./test-resources/application_signals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/conflictingPortOtlpConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) - assert.Equal(t, 4, len(containerPorts)) - assert.Equal(t, int32(4311), containerPorts[CWA+Server].ContainerPort) - assert.Equal(t, CWA+Server, containerPorts[CWA+Server].Name) - assert.Equal(t, int32(4315), containerPorts[CWA+AppSignalsGrpc].ContainerPort) - assert.Equal(t, CWA+AppSignalsGrpc, containerPorts[CWA+AppSignalsGrpc].Name) - assert.Equal(t, int32(4316), containerPorts[CWA+AppSignalsHttp].ContainerPort) - assert.Equal(t, CWA+AppSignalsHttp, containerPorts[CWA+AppSignalsHttp].Name) - assert.Equal(t, int32(2000), containerPorts[CWA+AppSignalsProxy].ContainerPort) - assert.Equal(t, CWA+AppSignalsProxy, containerPorts[CWA+AppSignalsProxy].Name) + assert.Equal(t, 3, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) } func TestValidJSONAndConflictingOtelConfigForXray(t *testing.T) { @@ -363,16 +413,18 @@ func TestValidJSONAndConflictingOtelConfigForXray(t *testing.T) { otelCfg := getStringFromFile("./test-resources/otelConfigs/xrayOtelConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) assert.Equal(t, 7, len(containerPorts)) - assert.Equal(t, int32(4311), containerPorts[CWA+Server].ContainerPort) - assert.Equal(t, CWA+Server, containerPorts[CWA+Server].Name) - assert.Equal(t, int32(4315), containerPorts[CWA+AppSignalsGrpc].ContainerPort) - assert.Equal(t, CWA+AppSignalsGrpc, containerPorts[CWA+AppSignalsGrpc].Name) - assert.Equal(t, int32(4316), containerPorts[CWA+AppSignalsHttp].ContainerPort) - assert.Equal(t, CWA+AppSignalsHttp, containerPorts[CWA+AppSignalsHttp].Name) - assert.Equal(t, int32(2000), containerPorts[CWA+AppSignalsProxy].ContainerPort) - assert.Equal(t, CWA+AppSignalsProxy, containerPorts[CWA+AppSignalsProxy].Name) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) + assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) + assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) assert.Equal(t, int32(2000), containerPorts["awsxray"].ContainerPort) assert.Equal(t, "awsxray", containerPorts["awsxray"].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts["awsxray"].Protocol) assert.Equal(t, int32(4317), containerPorts["otlp-grpc"].ContainerPort) assert.Equal(t, "otlp-grpc", containerPorts["otlp-grpc"].Name) assert.Equal(t, int32(4318), containerPorts["otlp-http"].ContainerPort) diff --git a/internal/manifests/collector/test-resources/application_signals_only_traces.json b/internal/manifests/collector/test-resources/application_signals_only_traces.json new file mode 100644 index 00000000..478b2211 --- /dev/null +++ b/internal/manifests/collector/test-resources/application_signals_only_traces.json @@ -0,0 +1,7 @@ +{ + "traces": { + "traces_collected": { + "application_signals": { } + } + } +} \ No newline at end of file diff --git a/internal/manifests/collector/test-resources/application_signals_xray_traces.json b/internal/manifests/collector/test-resources/application_signals_xray_traces.json new file mode 100644 index 00000000..84c5b0b3 --- /dev/null +++ b/internal/manifests/collector/test-resources/application_signals_xray_traces.json @@ -0,0 +1,8 @@ +{ + "traces": { + "traces_collected": { + "application_signals": { }, + "xray": { } + } + } +} \ No newline at end of file diff --git a/pkg/instrumentation/defaultinstrumentation.go b/pkg/instrumentation/defaultinstrumentation.go index 0a9ef6df..478ba373 100644 --- a/pkg/instrumentation/defaultinstrumentation.go +++ b/pkg/instrumentation/defaultinstrumentation.go @@ -77,10 +77,10 @@ func getDefaultInstrumentation(agentConfig *adapters.CwaConfig, additionalEnvs m // set protocol by checking cloudwatch agent config for tls setting exporterPrefix := http - isApplicationSignalsEnabled := agentConfig != nil && agentConfig.GetApplicationSignalsConfig() != nil + isApplicationSignalsEnabled := agentConfig != nil && agentConfig.GetApplicationSignalsMetricsConfig() != nil if isApplicationSignalsEnabled { - if agentConfig.GetApplicationSignalsConfig().TLS != nil { + if agentConfig.GetApplicationSignalsMetricsConfig().TLS != nil { exporterPrefix = https } } From 4630a4e0c236c6c16a59f9c96cd9fbad93a0f936 Mon Sep 17 00:00:00 2001 From: musa-asad Date: Thu, 26 Dec 2024 09:09:12 -0500 Subject: [PATCH 2/6] add test for custom override --- internal/manifests/collector/ports_test.go | 38 +++++++++++++++---- ...n_signals.json => applicationSignals.json} | 0 ...json => applicationSignalsOnlyTraces.json} | 0 ...json => applicationSignalsWithTraces.json} | 0 ...json => applicationSignalsXRayTraces.json} | 0 .../applicationSignalsXRayTracesCustom.json | 13 +++++++ 6 files changed, 43 insertions(+), 8 deletions(-) rename internal/manifests/collector/test-resources/{application_signals.json => applicationSignals.json} (100%) rename internal/manifests/collector/test-resources/{application_signals_only_traces.json => applicationSignalsOnlyTraces.json} (100%) rename internal/manifests/collector/test-resources/{application_signals_with_traces.json => applicationSignalsWithTraces.json} (100%) rename internal/manifests/collector/test-resources/{application_signals_xray_traces.json => applicationSignalsXRayTraces.json} (100%) create mode 100644 internal/manifests/collector/test-resources/applicationSignalsXRayTracesCustom.json diff --git a/internal/manifests/collector/ports_test.go b/internal/manifests/collector/ports_test.go index 97e14d4e..d3aa4403 100644 --- a/internal/manifests/collector/ports_test.go +++ b/internal/manifests/collector/ports_test.go @@ -49,7 +49,7 @@ func TestDefaultCollectDGetContainerPorts(t *testing.T) { } func TestApplicationSignalsMetrics(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals.json") + cfg := getStringFromFile("./test-resources/applicationSignals.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) assert.Equal(t, 3, len(containerPorts)) assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) @@ -62,7 +62,7 @@ func TestApplicationSignalsMetrics(t *testing.T) { } func TestApplicationSignalsTraces(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals_only_traces.json") + cfg := getStringFromFile("./test-resources/applicationSignalsOnlyTraces.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) assert.Equal(t, 4, len(containerPorts)) assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) @@ -77,7 +77,7 @@ func TestApplicationSignalsTraces(t *testing.T) { } func TestApplicationSignalsMetricsAndTraces(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals_with_traces.json") + cfg := getStringFromFile("./test-resources/applicationSignalsWithTraces.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) assert.Equal(t, 4, len(containerPorts)) assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) @@ -92,7 +92,7 @@ func TestApplicationSignalsMetricsAndTraces(t *testing.T) { } func TestApplicationSignalsXRayTraces(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals_xray_traces.json") + cfg := getStringFromFile("./test-resources/applicationSignalsXRayTraces.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) assert.Equal(t, 5, len(containerPorts)) assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) @@ -110,6 +110,28 @@ func TestApplicationSignalsXRayTraces(t *testing.T) { assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) } +func TestApplicationSignalsXRayTracesCustom(t *testing.T) { + cfg := getStringFromFile("./test-resources/applicationSignalsXRayTracesCustom.json") + containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) + assert.Equal(t, 5, len(containerPorts)) + assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) + assert.Equal(t, Server, containerPorts[Server].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) + assert.Equal(t, int32(4315), containerPorts[AppSignalsGrpc].ContainerPort) + assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) + assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) + assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) + assert.Equal(t, int32(2800), containerPorts[XrayTraces].ContainerPort) + assert.Equal(t, XrayTraces, containerPorts[XrayTraces].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts[XrayTraces].Protocol) + assert.Equal(t, int32(2900), containerPorts[XrayProxy].ContainerPort) + assert.Equal(t, XrayProxy, containerPorts[XrayProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[XrayProxy].Protocol) + assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) + assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) +} + func TestEMFGetContainerPorts(t *testing.T) { cfg := getStringFromFile("./test-resources/emfAgentConfig.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) @@ -368,7 +390,7 @@ func TestValidOTLPLogsAndMetricsPort(t *testing.T) { } func TestValidJSONAndValidOtelConfig(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals.json") + cfg := getStringFromFile("./test-resources/applicationSignals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/otlpOtelConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) assert.Equal(t, 4, len(containerPorts)) @@ -383,7 +405,7 @@ func TestValidJSONAndValidOtelConfig(t *testing.T) { } func TestValidJSONAndInvalidOtelConfig(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals.json") + cfg := getStringFromFile("./test-resources/applicationSignals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/invalidOtlpConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) assert.Equal(t, 3, len(containerPorts)) @@ -396,7 +418,7 @@ func TestValidJSONAndInvalidOtelConfig(t *testing.T) { } func TestValidJSONAndConflictingOtelConfig(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals.json") + cfg := getStringFromFile("./test-resources/applicationSignals.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/conflictingPortOtlpConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) assert.Equal(t, 3, len(containerPorts)) @@ -409,7 +431,7 @@ func TestValidJSONAndConflictingOtelConfig(t *testing.T) { } func TestValidJSONAndConflictingOtelConfigForXray(t *testing.T) { - cfg := getStringFromFile("./test-resources/application_signals_with_traces.json") + cfg := getStringFromFile("./test-resources/applicationSignalsWithTraces.json") otelCfg := getStringFromFile("./test-resources/otelConfigs/xrayOtelConfig.yaml") containerPorts := getContainerPorts(logger, cfg, otelCfg, []corev1.ServicePort{}) assert.Equal(t, 7, len(containerPorts)) diff --git a/internal/manifests/collector/test-resources/application_signals.json b/internal/manifests/collector/test-resources/applicationSignals.json similarity index 100% rename from internal/manifests/collector/test-resources/application_signals.json rename to internal/manifests/collector/test-resources/applicationSignals.json diff --git a/internal/manifests/collector/test-resources/application_signals_only_traces.json b/internal/manifests/collector/test-resources/applicationSignalsOnlyTraces.json similarity index 100% rename from internal/manifests/collector/test-resources/application_signals_only_traces.json rename to internal/manifests/collector/test-resources/applicationSignalsOnlyTraces.json diff --git a/internal/manifests/collector/test-resources/application_signals_with_traces.json b/internal/manifests/collector/test-resources/applicationSignalsWithTraces.json similarity index 100% rename from internal/manifests/collector/test-resources/application_signals_with_traces.json rename to internal/manifests/collector/test-resources/applicationSignalsWithTraces.json diff --git a/internal/manifests/collector/test-resources/application_signals_xray_traces.json b/internal/manifests/collector/test-resources/applicationSignalsXRayTraces.json similarity index 100% rename from internal/manifests/collector/test-resources/application_signals_xray_traces.json rename to internal/manifests/collector/test-resources/applicationSignalsXRayTraces.json diff --git a/internal/manifests/collector/test-resources/applicationSignalsXRayTracesCustom.json b/internal/manifests/collector/test-resources/applicationSignalsXRayTracesCustom.json new file mode 100644 index 00000000..0058de9e --- /dev/null +++ b/internal/manifests/collector/test-resources/applicationSignalsXRayTracesCustom.json @@ -0,0 +1,13 @@ +{ + "traces": { + "traces_collected": { + "application_signals": { }, + "xray": { + "bind_address": "127.0.0.1:2800", + "tcp_proxy": { + "bind_address": "127.0.0.1:2900" + } + } + } + } +} \ No newline at end of file From 9654a11ee23da229c38899442c34740b6efe8357 Mon Sep 17 00:00:00 2001 From: musa-asad Date: Thu, 26 Dec 2024 09:16:03 -0500 Subject: [PATCH 3/6] fix naming --- docs/api.md | 2901 ++++++++++++++++++++ internal/manifests/collector/ports_test.go | 14 +- 2 files changed, 2908 insertions(+), 7 deletions(-) diff --git a/docs/api.md b/docs/api.md index a5faebc9..885b2413 100644 --- a/docs/api.md +++ b/docs/api.md @@ -327,6 +327,13 @@ If not specified, the pod priority will be default or zero if there is no default.
false + + prometheus + object + + Prometheus is the raw YAML to be used as the collector's prometheus configuration.
+ + false replicas integer @@ -368,6 +375,13 @@ injected sidecar container.
the operator will not automatically create a ServiceAccount for the collector.
false + + targetAllocator + object + + TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not.
+ + false terminationGracePeriodSeconds integer @@ -9960,6 +9974,68 @@ More info: https://kubernetes.io/docs/concepts/services-networking/service/#defi +### AmazonCloudWatchAgent.spec.prometheus +[↩ Parent](#amazoncloudwatchagentspec) + + + +Prometheus is the raw YAML to be used as the collector's prometheus configuration. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
configobject + AnyConfig represent parts of the config.
+ 		false
report_extra_scrape_metricsboolean +
+ 		false
start_time_metric_regexstring +
+ 		false
target_allocatorobject + AnyConfig represent parts of the config.
+ 		false
trim_metric_suffixesboolean +
+ 		false
use_start_time_metricboolean +
+ 		false
+ + ### AmazonCloudWatchAgent.spec.resources [↩ Parent](#amazoncloudwatchagentspec) @@ -10386,6 +10462,2831 @@ PodSecurityContext, the value specified in SecurityContext takes precedence.
+### AmazonCloudWatchAgent.spec.targetAllocator +[↩ Parent](#amazoncloudwatchagentspec) + + + +TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
affinityobject + If specified, indicates the pod's scheduling constraints
+ 		false
allocationStrategyenum + AllocationStrategy determines which strategy the target allocator should use for allocation. +The current option is consistent-hashing.
+
+ Enum: consistent-hashing
+ 		false
enabledboolean + Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not.
+ 		false
env[]object + ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be +consumed in the config file for the TargetAllocator.
+ 		false
filterStrategystring + FilterStrategy determines how to filter targets before allocating them among the collectors. +The only current option is relabel-config (drops targets based on prom relabel_config). +Filtering is disabled by default.
+ 		false
imagestring + Image indicates the container image to use for the OpenTelemetry TargetAllocator.
+ 		false
nodeSelectormap[string]string + NodeSelector to schedule OpenTelemetry TargetAllocator pods.
+ 		false
prometheusCRobject + PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. +All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces.
+ 		false
replicasinteger + Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value +other than 1 if a strategy that allows for high availability is chosen. Currently, the only allocation strategy +that can be run in a high availability mode is consistent-hashing.
+
+ Format: int32
+ 		false
resourcesobject + Resources to set on the OpenTelemetryTargetAllocator containers.
+ 		false
securityContextobject + SecurityContext configures the container security context for +the target-allocator.
+ 		false
serviceAccountstring + ServiceAccount indicates the name of an existing service account to use with this instance. When set, +the operator will not automatically create a ServiceAccount for the TargetAllocator.
+ 		false
tolerations[]object + Toleration embedded kubernetes pod configuration option, +controls how pods can be scheduled with matching taints
+ 		false
topologySpreadConstraints[]object + TopologySpreadConstraints embedded kubernetes pod configuration option, +controls how pods are spread across your cluster among failure-domains +such as regions, zones, nodes, and other user-defined topology domains +https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +If specified, indicates the pod's scheduling constraints + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
nodeAffinityobject + Describes node affinity scheduling rules for the pod.
+ 		false
podAffinityobject + Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
+ 		false
podAntiAffinityobject + Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) + + + +Describes node affinity scheduling rules for the pod. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object + The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node matches the corresponding matchExpressions; the +node(s) with the highest sum are the most preferred.
+ 		false
requiredDuringSchedulingIgnoredDuringExecutionobject + If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinity) + + + +An empty preferred scheduling term matches all objects with implicit weight 0 +(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
preferenceobject + A node selector term, associated with the corresponding weight.
+ 		true
weightinteger + Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
+
+ Format: int32
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindex) + + + +A node selector term, associated with the corresponding weight. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + A list of node selector requirements by node's labels.
+ 		false
matchFields[]object + A list of node selector requirements by node's fields.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindexpreference) + + + +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The label key that the selector applies to.
+ 		true
operatorstring + Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ 		true
values[]string + An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindexpreference) + + + +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The label key that the selector applies to.
+ 		true
operatorstring + Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ 		true
values[]string + An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinity) + + + +If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node. + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
nodeSelectorTerms[]object + Required. A list of node selector terms. The terms are ORed.
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecution) + + + +A null or empty node selector term matches no objects. The requirements of +them are ANDed. +The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + A list of node selector requirements by node's labels.
+ 		false
matchFields[]object + A list of node selector requirements by node's fields.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsindex) + + + +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The label key that the selector applies to.
+ 		true
operatorstring + Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ 		true
values[]string + An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsindex) + + + +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The label key that the selector applies to.
+ 		true
operatorstring + Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ 		true
values[]string + An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) + + + +Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object + The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred.
+ 		false
requiredDuringSchedulingIgnoredDuringExecution[]object + If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinity) + + + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
podAffinityTermobject + Required. A pod affinity term, associated with the corresponding weight.
+ 		true
weightinteger + weight associated with matching the corresponding podAffinityTerm, +in the range 1-100.
+
+ Format: int32
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindex) + + + +Required. A pod affinity term, associated with the corresponding weight. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
topologyKeystring + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed.
+ 		true
labelSelectorobject + A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods.
+ 		false
matchLabelKeys[]string + MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +Also, MatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
mismatchLabelKeys[]string + MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. +Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
namespaceSelectorobject + A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces.
+ 		false
namespaces[]string + namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) + + + +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermlabelselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) + + + +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermnamespaceselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinity) + + + +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
topologyKeystring + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed.
+ 		true
labelSelectorobject + A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods.
+ 		false
matchLabelKeys[]string + MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +Also, MatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
mismatchLabelKeys[]string + MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. +Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
namespaceSelectorobject + A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces.
+ 		false
namespaces[]string + namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindex) + + + +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindexlabelselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindex) + + + +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindexnamespaceselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) + + + +Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object + The scheduler will prefer to schedule pods to nodes that satisfy +the anti-affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling anti-affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred.
+ 		false
requiredDuringSchedulingIgnoredDuringExecution[]object + If the anti-affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the anti-affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinity) + + + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
podAffinityTermobject + Required. A pod affinity term, associated with the corresponding weight.
+ 		true
weightinteger + weight associated with matching the corresponding podAffinityTerm, +in the range 1-100.
+
+ Format: int32
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindex) + + + +Required. A pod affinity term, associated with the corresponding weight. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
topologyKeystring + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed.
+ 		true
labelSelectorobject + A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods.
+ 		false
matchLabelKeys[]string + MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +Also, MatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
mismatchLabelKeys[]string + MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. +Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
namespaceSelectorobject + A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces.
+ 		false
namespaces[]string + namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) + + + +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermlabelselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) + + + +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermnamespaceselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinity) + + + +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
topologyKeystring + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed.
+ 		true
labelSelectorobject + A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods.
+ 		false
matchLabelKeys[]string + MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +Also, MatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
mismatchLabelKeys[]string + MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. +Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. +This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+ 		false
namespaceSelectorobject + A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces.
+ 		false
namespaces[]string + namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindex) + + + +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindexlabelselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindex) + + + +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindexnamespaceselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +EnvVar represents an environment variable present in a Container. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
namestring + Name of the environment variable. Must be a C_IDENTIFIER.
+ 		true
valuestring + Variable references $(VAR_NAME) are expanded +using the previously defined environment variables in the container and +any service environment variables. If a variable cannot be resolved, +the reference in the input string will be unchanged. Double $$ are reduced +to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. +"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". +Escaped references will never be expanded, regardless of whether the variable +exists or not. +Defaults to "".
+ 		false
valueFromobject + Source for the environment variable's value. Cannot be used if value is not empty.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom +[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindex) + + + +Source for the environment variable's value. Cannot be used if value is not empty. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
configMapKeyRefobject + Selects a key of a ConfigMap.
+ 		false
fieldRefobject + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ 		false
resourceFieldRefobject + Selects a resource of the container: only resources limits and requests +(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ 		false
secretKeyRefobject + Selects a key of a secret in the pod's namespace
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.configMapKeyRef +[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) + + + +Selects a key of a ConfigMap. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The key to select.
+ 		true
namestring + Name of the referent. +More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +TODO: Add other useful fields. apiVersion, kind, uid?
+ 		false
optionalboolean + Specify whether the ConfigMap or its key must be defined
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.fieldRef +[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) + + + +Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
fieldPathstring + Path of the field to select in the specified API version.
+ 		true
apiVersionstring + Version of the schema the FieldPath is written in terms of, defaults to "v1".
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.resourceFieldRef +[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) + + + +Selects a resource of the container: only resources limits and requests +(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
resourcestring + Required: resource to select
+ 		true
containerNamestring + Container name: required for volumes, optional for env vars
+ 		false
divisorint or string + Specifies the output format of the exposed resources, defaults to "1"
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.secretKeyRef +[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) + + + +Selects a key of a secret in the pod's namespace + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + The key of the secret to select from. Must be a valid secret key.
+ 		true
namestring + Name of the referent. +More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names +TODO: Add other useful fields. apiVersion, kind, uid?
+ 		false
optionalboolean + Specify whether the Secret or its key must be defined
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.prometheusCR +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. +All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
enabledboolean + Enabled indicates whether to use a PrometheusOperator custom resources as targets or not.
+ 		false
podMonitorSelectormap[string]string + PodMonitors to be selected for target discovery. +This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a +PodMonitor's meta labels. The requirements are ANDed.
+ 		false
scrapeIntervalstring + Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD. + + +Default: "30s"
+
+ Format: duration
+ Default: 30s
+ 		false
serviceMonitorSelectormap[string]string + ServiceMonitors to be selected for target discovery. +This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a +ServiceMonitor's meta labels. The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.resources +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +Resources to set on the OpenTelemetryTargetAllocator containers. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
claims[]object + Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + + +This field is immutable. It can only be set for containers.
+ 		false
limitsmap[string]int or string + Limits describes the maximum amount of compute resources allowed. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ 		false
requestsmap[string]int or string + Requests describes the minimum amount of compute resources required. +If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, +otherwise to an implementation-defined value. Requests cannot exceed Limits. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.resources.claims[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatorresources) + + + +ResourceClaim references one entry in PodSpec.ResourceClaims. + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
namestring + Name must match the name of one entry in pod.spec.resourceClaims of +the Pod where this field is used. It makes that resource available +inside a container.
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.securityContext +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +SecurityContext configures the container security context for +the target-allocator. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
fsGroupinteger + A special supplemental group that applies to all containers in a pod. +Some volume types allow the Kubelet to change the ownership of that volume +to be owned by the pod: + + +1. The owning GID will be the FSGroup +2. The setgid bit is set (new files created in the volume will be owned by FSGroup) +3. The permission bits are OR'd with rw-rw---- + + +If unset, the Kubelet will not modify the ownership and permissions of any volume. +Note that this field cannot be set when spec.os.name is windows.
+
+ Format: int64
+ 		false
fsGroupChangePolicystring + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume +before being exposed inside Pod. This field will only apply to +volume types which support fsGroup based ownership(and permissions). +It will have no effect on ephemeral volume types such as: secret, configmaps +and emptydir. +Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. +Note that this field cannot be set when spec.os.name is windows.
+ 		false
runAsGroupinteger + The GID to run the entrypoint of the container process. +Uses runtime default if unset. +May also be set in SecurityContext. If set in both SecurityContext and +PodSecurityContext, the value specified in SecurityContext takes precedence +for that container. +Note that this field cannot be set when spec.os.name is windows.
+
+ Format: int64
+ 		false
runAsNonRootboolean + Indicates that the container must run as a non-root user. +If true, the Kubelet will validate the image at runtime to ensure that it +does not run as UID 0 (root) and fail to start the container if it does. +If unset or false, no such validation will be performed. +May also be set in SecurityContext. If set in both SecurityContext and +PodSecurityContext, the value specified in SecurityContext takes precedence.
+ 		false
runAsUserinteger + The UID to run the entrypoint of the container process. +Defaults to user specified in image metadata if unspecified. +May also be set in SecurityContext. If set in both SecurityContext and +PodSecurityContext, the value specified in SecurityContext takes precedence +for that container. +Note that this field cannot be set when spec.os.name is windows.
+
+ Format: int64
+ 		false
seLinuxOptionsobject + The SELinux context to be applied to all containers. +If unspecified, the container runtime will allocate a random SELinux context for each +container. May also be set in SecurityContext. If set in +both SecurityContext and PodSecurityContext, the value specified in SecurityContext +takes precedence for that container. +Note that this field cannot be set when spec.os.name is windows.
+ 		false
seccompProfileobject + The seccomp options to use by the containers in this pod. +Note that this field cannot be set when spec.os.name is windows.
+ 		false
supplementalGroups[]integer + A list of groups applied to the first process run in each container, in addition +to the container's primary GID, the fsGroup (if specified), and group memberships +defined in the container image for the uid of the container process. If unspecified, +no additional groups are added to any container. Note that group memberships +defined in the container image for the uid of the container process are still effective, +even if they are not included in this list. +Note that this field cannot be set when spec.os.name is windows.
+ 		false
sysctls[]object + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported +sysctls (by the container runtime) might fail to launch. +Note that this field cannot be set when spec.os.name is windows.
+ 		false
windowsOptionsobject + The Windows specific settings applied to all containers. +If unspecified, the options within a container's SecurityContext will be used. +If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +Note that this field cannot be set when spec.os.name is linux.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.seLinuxOptions +[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) + + + +The SELinux context to be applied to all containers. +If unspecified, the container runtime will allocate a random SELinux context for each +container. May also be set in SecurityContext. If set in +both SecurityContext and PodSecurityContext, the value specified in SecurityContext +takes precedence for that container. +Note that this field cannot be set when spec.os.name is windows. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
levelstring + Level is SELinux level label that applies to the container.
+ 		false
rolestring + Role is a SELinux role label that applies to the container.
+ 		false
typestring + Type is a SELinux type label that applies to the container.
+ 		false
userstring + User is a SELinux user label that applies to the container.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.seccompProfile +[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) + + + +The seccomp options to use by the containers in this pod. +Note that this field cannot be set when spec.os.name is windows. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
typestring + type indicates which kind of seccomp profile will be applied. +Valid options are: + + +Localhost - a profile defined in a file on the node should be used. +RuntimeDefault - the container runtime default profile should be used. +Unconfined - no profile should be applied.
+ 		true
localhostProfilestring + localhostProfile indicates a profile defined in a file on the node should be used. +The profile must be preconfigured on the node to work. +Must be a descending path, relative to the kubelet's configured seccomp profile location. +Must be set if type is "Localhost". Must NOT be set for any other type.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.sysctls[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) + + + +Sysctl defines a kernel parameter to be set + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
namestring + Name of a property to set
+ 		true
valuestring + Value of a property to set
+ 		true
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.windowsOptions +[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) + + + +The Windows specific settings applied to all containers. +If unspecified, the options within a container's SecurityContext will be used. +If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +Note that this field cannot be set when spec.os.name is linux. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
gmsaCredentialSpecstring + GMSACredentialSpec is where the GMSA admission webhook +(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the +GMSA credential spec named by the GMSACredentialSpecName field.
+ 		false
gmsaCredentialSpecNamestring + GMSACredentialSpecName is the name of the GMSA credential spec to use.
+ 		false
hostProcessboolean + HostProcess determines if a container should be run as a 'Host Process' container. +All of a Pod's containers must have the same effective HostProcess value +(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). +In addition, if HostProcess is true then HostNetwork must also be set to true.
+ 		false
runAsUserNamestring + The UserName in Windows to run the entrypoint of the container process. +Defaults to the user specified in image metadata if unspecified. +May also be set in PodSecurityContext. If set in both SecurityContext and +PodSecurityContext, the value specified in SecurityContext takes precedence.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.tolerations[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +The pod this Toleration is attached to tolerates any taint that matches +the triple using the matching operator . + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
effectstring + Effect indicates the taint effect to match. Empty means match all taint effects. +When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
+ 		false
keystring + Key is the taint key that the toleration applies to. Empty means match all taint keys. +If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+ 		false
operatorstring + Operator represents a key's relationship to the value. +Valid operators are Exists and Equal. Defaults to Equal. +Exists is equivalent to wildcard for value, so that a pod can +tolerate all taints of a particular category.
+ 		false
tolerationSecondsinteger + TolerationSeconds represents the period of time the toleration (which must be +of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, +it is not set, which means tolerate the taint forever (do not evict). Zero and +negative values will be treated as 0 (evict immediately) by the system.
+
+ Format: int64
+ 		false
valuestring + Value is the taint value the toleration matches to. +If the operator is Exists, the value should be empty, otherwise just a regular string.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocator) + + + +TopologySpreadConstraint specifies how to spread matching pods among the given topology. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
maxSkewinteger + MaxSkew describes the degree to which pods may be unevenly distributed. +When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference +between the number of matching pods in the target topology and the global minimum. +The global minimum is the minimum number of matching pods in an eligible domain +or zero if the number of eligible domains is less than MinDomains. +For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same +labelSelector spread as 2/2/1: +In this case, the global minimum is 1. +| zone1 | zone2 | zone3 | +| P P | P P | P | +- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; +scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) +violate MaxSkew(1). +- if MaxSkew is 2, incoming pod can be scheduled onto any zone. +When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence +to topologies that satisfy it. +It's a required field. Default value is 1 and 0 is not allowed.
+
+ Format: int32
+ 		true
topologyKeystring + TopologyKey is the key of node labels. Nodes that have a label with this key +and identical values are considered to be in the same topology. +We consider each as a "bucket", and try to put balanced number +of pods into each bucket. +We define a domain as a particular instance of a topology. +Also, we define an eligible domain as a domain whose nodes meet the requirements of +nodeAffinityPolicy and nodeTaintsPolicy. +e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. +And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. +It's a required field.
+ 		true
whenUnsatisfiablestring + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy +the spread constraint. +- DoNotSchedule (default) tells the scheduler not to schedule it. +- ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. +A constraint is considered "Unsatisfiable" for an incoming pod +if and only if every possible node assignment for that pod would violate +"MaxSkew" on some topology. +For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same +labelSelector spread as 3/1/1: +| zone1 | zone2 | zone3 | +| P P P | P | P | +If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled +to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies +MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler +won't make it *more* imbalanced. +It's a required field.
+ 		true
labelSelectorobject + LabelSelector is used to find matching pods. +Pods that match this label selector are counted to determine the number of pods +in their corresponding topology domain.
+ 		false
matchLabelKeys[]string + MatchLabelKeys is a set of pod label keys to select the pods over which +spreading will be calculated. The keys are used to lookup values from the +incoming pod labels, those key-value labels are ANDed with labelSelector +to select the group of existing pods over which spreading will be calculated +for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +MatchLabelKeys cannot be set when LabelSelector isn't set. +Keys that don't exist in the incoming pod labels will +be ignored. A null or empty list means only match against labelSelector. + + +This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
+ 		false
minDomainsinteger + MinDomains indicates a minimum number of eligible domains. +When the number of eligible domains with matching topology keys is less than minDomains, +Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. +And when the number of eligible domains with matching topology keys equals or greater than minDomains, +this value has no effect on scheduling. +As a result, when the number of eligible domains is less than minDomains, +scheduler won't schedule more than maxSkew Pods to those domains. +If value is nil, the constraint behaves as if MinDomains is equal to 1. +Valid values are integers greater than 0. +When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + +For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same +labelSelector spread as 2/2/2: +| zone1 | zone2 | zone3 | +| P P | P P | P P | +The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. +In this situation, new pod with the same labelSelector cannot be scheduled, +because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, +it will violate MaxSkew. + + +This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+
+ Format: int32
+ 		false
nodeAffinityPolicystring + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector +when calculating pod topology spread skew. Options are: +- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. +- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + +If this value is nil, the behavior is equivalent to the Honor policy. +This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ 		false
nodeTaintsPolicystring + NodeTaintsPolicy indicates how we will treat node taints when calculating +pod topology spread skew. Options are: +- Honor: nodes without taints, along with tainted nodes for which the incoming pod +has a toleration, are included. +- Ignore: node taints are ignored. All nodes are included. + + +If this value is nil, the behavior is equivalent to the Ignore policy. +This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index].labelSelector +[↩ Parent](#amazoncloudwatchagentspectargetallocatortopologyspreadconstraintsindex) + + + +LabelSelector is used to find matching pods. +Pods that match this label selector are counted to determine the number of pods +in their corresponding topology domain. + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
matchExpressions[]object + matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ 		false
matchLabelsmap[string]string + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed.
+ 		false
+ + +### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index].labelSelector.matchExpressions[index] +[↩ Parent](#amazoncloudwatchagentspectargetallocatortopologyspreadconstraintsindexlabelselector) + + + +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
keystring + key is the label key that the selector applies to.
+ 		true
operatorstring + operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist.
+ 		true
values[]string + values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch.
+ 		false
+ + ### AmazonCloudWatchAgent.spec.tolerations[index] [↩ Parent](#amazoncloudwatchagentspec) diff --git a/internal/manifests/collector/ports_test.go b/internal/manifests/collector/ports_test.go index d3aa4403..345c3185 100644 --- a/internal/manifests/collector/ports_test.go +++ b/internal/manifests/collector/ports_test.go @@ -113,7 +113,7 @@ func TestApplicationSignalsXRayTraces(t *testing.T) { func TestApplicationSignalsXRayTracesCustom(t *testing.T) { cfg := getStringFromFile("./test-resources/applicationSignalsXRayTracesCustom.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) - assert.Equal(t, 5, len(containerPorts)) + assert.Equal(t, 6, len(containerPorts)) assert.Equal(t, int32(4311), containerPorts[Server].ContainerPort) assert.Equal(t, Server, containerPorts[Server].Name) assert.Equal(t, corev1.ProtocolTCP, containerPorts[Server].Protocol) @@ -121,12 +121,12 @@ func TestApplicationSignalsXRayTracesCustom(t *testing.T) { assert.Equal(t, AppSignalsGrpc, containerPorts[AppSignalsGrpc].Name) assert.Equal(t, int32(4316), containerPorts[AppSignalsHttp].ContainerPort) assert.Equal(t, AppSignalsHttp, containerPorts[AppSignalsHttp].Name) - assert.Equal(t, int32(2800), containerPorts[XrayTraces].ContainerPort) - assert.Equal(t, XrayTraces, containerPorts[XrayTraces].Name) - assert.Equal(t, corev1.ProtocolUDP, containerPorts[XrayTraces].Protocol) - assert.Equal(t, int32(2900), containerPorts[XrayProxy].ContainerPort) - assert.Equal(t, XrayProxy, containerPorts[XrayProxy].Name) - assert.Equal(t, corev1.ProtocolTCP, containerPorts[XrayProxy].Protocol) + assert.Equal(t, int32(2800), containerPorts[CWA+XrayTraces].ContainerPort) + assert.Equal(t, CWA+XrayTraces, containerPorts[CWA+XrayTraces].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts[CWA+XrayTraces].Protocol) + assert.Equal(t, int32(2900), containerPorts[CWA+XrayProxy].ContainerPort) + assert.Equal(t, CWA+XrayProxy, containerPorts[CWA+XrayProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[CWA+XrayProxy].Protocol) assert.Equal(t, int32(2000), containerPorts[AppSignalsProxy].ContainerPort) assert.Equal(t, AppSignalsProxy, containerPorts[AppSignalsProxy].Name) assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) From 4d9f73655ccda9fd50c5a3f2cdd1c5d304f4948b Mon Sep 17 00:00:00 2001 From: musa-asad Date: Thu, 26 Dec 2024 09:31:47 -0500 Subject: [PATCH 4/6] revert docs/api.md --- docs/api.md | 2901 --------------------------------------------------- 1 file changed, 2901 deletions(-) diff --git a/docs/api.md b/docs/api.md index 885b2413..a5faebc9 100644 --- a/docs/api.md +++ b/docs/api.md @@ -327,13 +327,6 @@ If not specified, the pod priority will be default or zero if there is no default.
false - - prometheus - object - - Prometheus is the raw YAML to be used as the collector's prometheus configuration.
- - false replicas integer @@ -375,13 +368,6 @@ injected sidecar container.
the operator will not automatically create a ServiceAccount for the collector.
false - - targetAllocator - object - - TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not.
- - false terminationGracePeriodSeconds integer @@ -9974,68 +9960,6 @@ More info: https://kubernetes.io/docs/concepts/services-networking/service/#defi -### AmazonCloudWatchAgent.spec.prometheus -[↩ Parent](#amazoncloudwatchagentspec) - - - -Prometheus is the raw YAML to be used as the collector's prometheus configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
configobject - AnyConfig represent parts of the config.
- 		false
report_extra_scrape_metricsboolean -
- 		false
start_time_metric_regexstring -
- 		false
target_allocatorobject - AnyConfig represent parts of the config.
- 		false
trim_metric_suffixesboolean -
- 		false
use_start_time_metricboolean -
- 		false
- - ### AmazonCloudWatchAgent.spec.resources [↩ Parent](#amazoncloudwatchagentspec) @@ -10462,2831 +10386,6 @@ PodSecurityContext, the value specified in SecurityContext takes precedence.
-### AmazonCloudWatchAgent.spec.targetAllocator -[↩ Parent](#amazoncloudwatchagentspec) - - - -TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
affinityobject - If specified, indicates the pod's scheduling constraints
- 		false
allocationStrategyenum - AllocationStrategy determines which strategy the target allocator should use for allocation. -The current option is consistent-hashing.
-
- Enum: consistent-hashing
- 		false
enabledboolean - Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not.
- 		false
env[]object - ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be -consumed in the config file for the TargetAllocator.
- 		false
filterStrategystring - FilterStrategy determines how to filter targets before allocating them among the collectors. -The only current option is relabel-config (drops targets based on prom relabel_config). -Filtering is disabled by default.
- 		false
imagestring - Image indicates the container image to use for the OpenTelemetry TargetAllocator.
- 		false
nodeSelectormap[string]string - NodeSelector to schedule OpenTelemetry TargetAllocator pods.
- 		false
prometheusCRobject - PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. -All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces.
- 		false
replicasinteger - Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value -other than 1 if a strategy that allows for high availability is chosen. Currently, the only allocation strategy -that can be run in a high availability mode is consistent-hashing.
-
- Format: int32
- 		false
resourcesobject - Resources to set on the OpenTelemetryTargetAllocator containers.
- 		false
securityContextobject - SecurityContext configures the container security context for -the target-allocator.
- 		false
serviceAccountstring - ServiceAccount indicates the name of an existing service account to use with this instance. When set, -the operator will not automatically create a ServiceAccount for the TargetAllocator.
- 		false
tolerations[]object - Toleration embedded kubernetes pod configuration option, -controls how pods can be scheduled with matching taints
- 		false
topologySpreadConstraints[]object - TopologySpreadConstraints embedded kubernetes pod configuration option, -controls how pods are spread across your cluster among failure-domains -such as regions, zones, nodes, and other user-defined topology domains -https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -If specified, indicates the pod's scheduling constraints - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
nodeAffinityobject - Describes node affinity scheduling rules for the pod.
- 		false
podAffinityobject - Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
- 		false
podAntiAffinityobject - Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) - - - -Describes node affinity scheduling rules for the pod. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object - The scheduler will prefer to schedule pods to nodes that satisfy -the affinity expressions specified by this field, but it may choose -a node that violates one or more of the expressions. The node that is -most preferred is the one with the greatest sum of weights, i.e. -for each node that meets all of the scheduling requirements (resource -request, requiredDuringScheduling affinity expressions, etc.), -compute a sum by iterating through the elements of this field and adding -"weight" to the sum if the node matches the corresponding matchExpressions; the -node(s) with the highest sum are the most preferred.
- 		false
requiredDuringSchedulingIgnoredDuringExecutionobject - If the affinity requirements specified by this field are not met at -scheduling time, the pod will not be scheduled onto the node. -If the affinity requirements specified by this field cease to be met -at some point during pod execution (e.g. due to an update), the system -may or may not try to eventually evict the pod from its node.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinity) - - - -An empty preferred scheduling term matches all objects with implicit weight 0 -(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
preferenceobject - A node selector term, associated with the corresponding weight.
- 		true
weightinteger - Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
-
- Format: int32
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindex) - - - -A node selector term, associated with the corresponding weight. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - A list of node selector requirements by node's labels.
- 		false
matchFields[]object - A list of node selector requirements by node's fields.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindexpreference) - - - -A node selector requirement is a selector that contains values, a key, and an operator -that relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The label key that the selector applies to.
- 		true
operatorstring - Represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- 		true
values[]string - An array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. If the operator is Gt or Lt, the values -array must have a single element, which will be interpreted as an integer. -This array is replaced during a strategic merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinitypreferredduringschedulingignoredduringexecutionindexpreference) - - - -A node selector requirement is a selector that contains values, a key, and an operator -that relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The label key that the selector applies to.
- 		true
operatorstring - Represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- 		true
values[]string - An array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. If the operator is Gt or Lt, the values -array must have a single element, which will be interpreted as an integer. -This array is replaced during a strategic merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinity) - - - -If the affinity requirements specified by this field are not met at -scheduling time, the pod will not be scheduled onto the node. -If the affinity requirements specified by this field cease to be met -at some point during pod execution (e.g. due to an update), the system -may or may not try to eventually evict the pod from its node. - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
nodeSelectorTerms[]object - Required. A list of node selector terms. The terms are ORed.
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecution) - - - -A null or empty node selector term matches no objects. The requirements of -them are ANDed. -The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - A list of node selector requirements by node's labels.
- 		false
matchFields[]object - A list of node selector requirements by node's fields.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsindex) - - - -A node selector requirement is a selector that contains values, a key, and an operator -that relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The label key that the selector applies to.
- 		true
operatorstring - Represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- 		true
values[]string - An array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. If the operator is Gt or Lt, the values -array must have a single element, which will be interpreted as an integer. -This array is replaced during a strategic merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsindex) - - - -A node selector requirement is a selector that contains values, a key, and an operator -that relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The label key that the selector applies to.
- 		true
operatorstring - Represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- 		true
values[]string - An array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. If the operator is Gt or Lt, the values -array must have a single element, which will be interpreted as an integer. -This array is replaced during a strategic merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) - - - -Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object - The scheduler will prefer to schedule pods to nodes that satisfy -the affinity expressions specified by this field, but it may choose -a node that violates one or more of the expressions. The node that is -most preferred is the one with the greatest sum of weights, i.e. -for each node that meets all of the scheduling requirements (resource -request, requiredDuringScheduling affinity expressions, etc.), -compute a sum by iterating through the elements of this field and adding -"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the -node(s) with the highest sum are the most preferred.
- 		false
requiredDuringSchedulingIgnoredDuringExecution[]object - If the affinity requirements specified by this field are not met at -scheduling time, the pod will not be scheduled onto the node. -If the affinity requirements specified by this field cease to be met -at some point during pod execution (e.g. due to a pod label update), the -system may or may not try to eventually evict the pod from its node. -When there are multiple elements, the lists of nodes corresponding to each -podAffinityTerm are intersected, i.e. all terms must be satisfied.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinity) - - - -The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
podAffinityTermobject - Required. A pod affinity term, associated with the corresponding weight.
- 		true
weightinteger - weight associated with matching the corresponding podAffinityTerm, -in the range 1-100.
-
- Format: int32
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindex) - - - -Required. A pod affinity term, associated with the corresponding weight. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
topologyKeystring - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching -the labelSelector in the specified namespaces, where co-located is defined as running on a node -whose value of the label with key topologyKey matches that of any node on which any of the -selected pods is running. -Empty topologyKey is not allowed.
- 		true
labelSelectorobject - A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods.
- 		false
matchLabelKeys[]string - MatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. -Also, MatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
mismatchLabelKeys[]string - MismatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. -Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
namespaceSelectorobject - A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces.
- 		false
namespaces[]string - namespaces specifies a static list of namespace names that the term applies to. -The term is applied to the union of the namespaces listed in this field -and the ones selected by namespaceSelector. -null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) - - - -A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermlabelselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) - - - -A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermnamespaceselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinity) - - - -Defines a set of pods (namely those matching the labelSelector -relative to the given namespace(s)) that this pod should be -co-located (affinity) or not co-located (anti-affinity) with, -where co-located is defined as running on a node whose value of -the label with key matches that of any node on which -a pod of the set of pods is running - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
topologyKeystring - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching -the labelSelector in the specified namespaces, where co-located is defined as running on a node -whose value of the label with key topologyKey matches that of any node on which any of the -selected pods is running. -Empty topologyKey is not allowed.
- 		true
labelSelectorobject - A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods.
- 		false
matchLabelKeys[]string - MatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. -Also, MatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
mismatchLabelKeys[]string - MismatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. -Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
namespaceSelectorobject - A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces.
- 		false
namespaces[]string - namespaces specifies a static list of namespace names that the term applies to. -The term is applied to the union of the namespaces listed in this field -and the ones selected by namespaceSelector. -null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindex) - - - -A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindexlabelselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindex) - - - -A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodaffinityrequiredduringschedulingignoredduringexecutionindexnamespaceselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinity) - - - -Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
preferredDuringSchedulingIgnoredDuringExecution[]object - The scheduler will prefer to schedule pods to nodes that satisfy -the anti-affinity expressions specified by this field, but it may choose -a node that violates one or more of the expressions. The node that is -most preferred is the one with the greatest sum of weights, i.e. -for each node that meets all of the scheduling requirements (resource -request, requiredDuringScheduling anti-affinity expressions, etc.), -compute a sum by iterating through the elements of this field and adding -"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the -node(s) with the highest sum are the most preferred.
- 		false
requiredDuringSchedulingIgnoredDuringExecution[]object - If the anti-affinity requirements specified by this field are not met at -scheduling time, the pod will not be scheduled onto the node. -If the anti-affinity requirements specified by this field cease to be met -at some point during pod execution (e.g. due to a pod label update), the -system may or may not try to eventually evict the pod from its node. -When there are multiple elements, the lists of nodes corresponding to each -podAffinityTerm are intersected, i.e. all terms must be satisfied.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinity) - - - -The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
podAffinityTermobject - Required. A pod affinity term, associated with the corresponding weight.
- 		true
weightinteger - weight associated with matching the corresponding podAffinityTerm, -in the range 1-100.
-
- Format: int32
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindex) - - - -Required. A pod affinity term, associated with the corresponding weight. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
topologyKeystring - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching -the labelSelector in the specified namespaces, where co-located is defined as running on a node -whose value of the label with key topologyKey matches that of any node on which any of the -selected pods is running. -Empty topologyKey is not allowed.
- 		true
labelSelectorobject - A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods.
- 		false
matchLabelKeys[]string - MatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. -Also, MatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
mismatchLabelKeys[]string - MismatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. -Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
namespaceSelectorobject - A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces.
- 		false
namespaces[]string - namespaces specifies a static list of namespace names that the term applies to. -The term is applied to the union of the namespaces listed in this field -and the ones selected by namespaceSelector. -null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) - - - -A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermlabelselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinityterm) - - - -A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionindexpodaffinitytermnamespaceselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinity) - - - -Defines a set of pods (namely those matching the labelSelector -relative to the given namespace(s)) that this pod should be -co-located (affinity) or not co-located (anti-affinity) with, -where co-located is defined as running on a node whose value of -the label with key matches that of any node on which -a pod of the set of pods is running - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
topologyKeystring - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching -the labelSelector in the specified namespaces, where co-located is defined as running on a node -whose value of the label with key topologyKey matches that of any node on which any of the -selected pods is running. -Empty topologyKey is not allowed.
- 		true
labelSelectorobject - A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods.
- 		false
matchLabelKeys[]string - MatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. -Also, MatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
mismatchLabelKeys[]string - MismatchLabelKeys is a set of pod label keys to select which pods will -be taken into consideration. The keys are used to lookup values from the -incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` -to select the group of existing pods which pods will be taken into consideration -for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming -pod labels will be ignored. The default value is empty. -The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. -Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. -This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- 		false
namespaceSelectorobject - A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces.
- 		false
namespaces[]string - namespaces specifies a static list of namespace names that the term applies to. -The term is applied to the union of the namespaces listed in this field -and the ones selected by namespaceSelector. -null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindex) - - - -A label query over a set of resources, in this case pods. -If it's null, this PodAffinityTerm matches with no Pods. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindexlabelselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindex) - - - -A label query over the set of namespaces that the term applies to. -The term is applied to the union of the namespaces selected by this field -and the ones listed in the namespaces field. -null selector and null or empty namespaces list means "this pod's namespace". -An empty selector ({}) matches all namespaces. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatoraffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionindexnamespaceselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -EnvVar represents an environment variable present in a Container. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
namestring - Name of the environment variable. Must be a C_IDENTIFIER.
- 		true
valuestring - Variable references $(VAR_NAME) are expanded -using the previously defined environment variables in the container and -any service environment variables. If a variable cannot be resolved, -the reference in the input string will be unchanged. Double $$ are reduced -to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. -"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". -Escaped references will never be expanded, regardless of whether the variable -exists or not. -Defaults to "".
- 		false
valueFromobject - Source for the environment variable's value. Cannot be used if value is not empty.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom -[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindex) - - - -Source for the environment variable's value. Cannot be used if value is not empty. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
configMapKeyRefobject - Selects a key of a ConfigMap.
- 		false
fieldRefobject - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- 		false
resourceFieldRefobject - Selects a resource of the container: only resources limits and requests -(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- 		false
secretKeyRefobject - Selects a key of a secret in the pod's namespace
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.configMapKeyRef -[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) - - - -Selects a key of a ConfigMap. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The key to select.
- 		true
namestring - Name of the referent. -More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -TODO: Add other useful fields. apiVersion, kind, uid?
- 		false
optionalboolean - Specify whether the ConfigMap or its key must be defined
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.fieldRef -[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) - - - -Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
fieldPathstring - Path of the field to select in the specified API version.
- 		true
apiVersionstring - Version of the schema the FieldPath is written in terms of, defaults to "v1".
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.resourceFieldRef -[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) - - - -Selects a resource of the container: only resources limits and requests -(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
resourcestring - Required: resource to select
- 		true
containerNamestring - Container name: required for volumes, optional for env vars
- 		false
divisorint or string - Specifies the output format of the exposed resources, defaults to "1"
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.env[index].valueFrom.secretKeyRef -[↩ Parent](#amazoncloudwatchagentspectargetallocatorenvindexvaluefrom) - - - -Selects a key of a secret in the pod's namespace - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - The key of the secret to select from. Must be a valid secret key.
- 		true
namestring - Name of the referent. -More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names -TODO: Add other useful fields. apiVersion, kind, uid?
- 		false
optionalboolean - Specify whether the Secret or its key must be defined
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.prometheusCR -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. -All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
enabledboolean - Enabled indicates whether to use a PrometheusOperator custom resources as targets or not.
- 		false
podMonitorSelectormap[string]string - PodMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -PodMonitor's meta labels. The requirements are ANDed.
- 		false
scrapeIntervalstring - Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD. - - -Default: "30s"
-
- Format: duration
- Default: 30s
- 		false
serviceMonitorSelectormap[string]string - ServiceMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -ServiceMonitor's meta labels. The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.resources -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -Resources to set on the OpenTelemetryTargetAllocator containers. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
claims[]object - Claims lists the names of resources, defined in spec.resourceClaims, -that are used by this container. - - -This is an alpha field and requires enabling the -DynamicResourceAllocation feature gate. - - -This field is immutable. It can only be set for containers.
- 		false
limitsmap[string]int or string - Limits describes the maximum amount of compute resources allowed. -More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- 		false
requestsmap[string]int or string - Requests describes the minimum amount of compute resources required. -If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, -otherwise to an implementation-defined value. Requests cannot exceed Limits. -More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.resources.claims[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatorresources) - - - -ResourceClaim references one entry in PodSpec.ResourceClaims. - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
namestring - Name must match the name of one entry in pod.spec.resourceClaims of -the Pod where this field is used. It makes that resource available -inside a container.
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.securityContext -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -SecurityContext configures the container security context for -the target-allocator. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
fsGroupinteger - A special supplemental group that applies to all containers in a pod. -Some volume types allow the Kubelet to change the ownership of that volume -to be owned by the pod: - - -1. The owning GID will be the FSGroup -2. The setgid bit is set (new files created in the volume will be owned by FSGroup) -3. The permission bits are OR'd with rw-rw---- - - -If unset, the Kubelet will not modify the ownership and permissions of any volume. -Note that this field cannot be set when spec.os.name is windows.
-
- Format: int64
- 		false
fsGroupChangePolicystring - fsGroupChangePolicy defines behavior of changing ownership and permission of the volume -before being exposed inside Pod. This field will only apply to -volume types which support fsGroup based ownership(and permissions). -It will have no effect on ephemeral volume types such as: secret, configmaps -and emptydir. -Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. -Note that this field cannot be set when spec.os.name is windows.
- 		false
runAsGroupinteger - The GID to run the entrypoint of the container process. -Uses runtime default if unset. -May also be set in SecurityContext. If set in both SecurityContext and -PodSecurityContext, the value specified in SecurityContext takes precedence -for that container. -Note that this field cannot be set when spec.os.name is windows.
-
- Format: int64
- 		false
runAsNonRootboolean - Indicates that the container must run as a non-root user. -If true, the Kubelet will validate the image at runtime to ensure that it -does not run as UID 0 (root) and fail to start the container if it does. -If unset or false, no such validation will be performed. -May also be set in SecurityContext. If set in both SecurityContext and -PodSecurityContext, the value specified in SecurityContext takes precedence.
- 		false
runAsUserinteger - The UID to run the entrypoint of the container process. -Defaults to user specified in image metadata if unspecified. -May also be set in SecurityContext. If set in both SecurityContext and -PodSecurityContext, the value specified in SecurityContext takes precedence -for that container. -Note that this field cannot be set when spec.os.name is windows.
-
- Format: int64
- 		false
seLinuxOptionsobject - The SELinux context to be applied to all containers. -If unspecified, the container runtime will allocate a random SELinux context for each -container. May also be set in SecurityContext. If set in -both SecurityContext and PodSecurityContext, the value specified in SecurityContext -takes precedence for that container. -Note that this field cannot be set when spec.os.name is windows.
- 		false
seccompProfileobject - The seccomp options to use by the containers in this pod. -Note that this field cannot be set when spec.os.name is windows.
- 		false
supplementalGroups[]integer - A list of groups applied to the first process run in each container, in addition -to the container's primary GID, the fsGroup (if specified), and group memberships -defined in the container image for the uid of the container process. If unspecified, -no additional groups are added to any container. Note that group memberships -defined in the container image for the uid of the container process are still effective, -even if they are not included in this list. -Note that this field cannot be set when spec.os.name is windows.
- 		false
sysctls[]object - Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported -sysctls (by the container runtime) might fail to launch. -Note that this field cannot be set when spec.os.name is windows.
- 		false
windowsOptionsobject - The Windows specific settings applied to all containers. -If unspecified, the options within a container's SecurityContext will be used. -If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -Note that this field cannot be set when spec.os.name is linux.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.seLinuxOptions -[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) - - - -The SELinux context to be applied to all containers. -If unspecified, the container runtime will allocate a random SELinux context for each -container. May also be set in SecurityContext. If set in -both SecurityContext and PodSecurityContext, the value specified in SecurityContext -takes precedence for that container. -Note that this field cannot be set when spec.os.name is windows. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
levelstring - Level is SELinux level label that applies to the container.
- 		false
rolestring - Role is a SELinux role label that applies to the container.
- 		false
typestring - Type is a SELinux type label that applies to the container.
- 		false
userstring - User is a SELinux user label that applies to the container.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.seccompProfile -[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) - - - -The seccomp options to use by the containers in this pod. -Note that this field cannot be set when spec.os.name is windows. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
typestring - type indicates which kind of seccomp profile will be applied. -Valid options are: - - -Localhost - a profile defined in a file on the node should be used. -RuntimeDefault - the container runtime default profile should be used. -Unconfined - no profile should be applied.
- 		true
localhostProfilestring - localhostProfile indicates a profile defined in a file on the node should be used. -The profile must be preconfigured on the node to work. -Must be a descending path, relative to the kubelet's configured seccomp profile location. -Must be set if type is "Localhost". Must NOT be set for any other type.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.sysctls[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) - - - -Sysctl defines a kernel parameter to be set - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
namestring - Name of a property to set
- 		true
valuestring - Value of a property to set
- 		true
- - -### AmazonCloudWatchAgent.spec.targetAllocator.securityContext.windowsOptions -[↩ Parent](#amazoncloudwatchagentspectargetallocatorsecuritycontext) - - - -The Windows specific settings applied to all containers. -If unspecified, the options within a container's SecurityContext will be used. -If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -Note that this field cannot be set when spec.os.name is linux. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
gmsaCredentialSpecstring - GMSACredentialSpec is where the GMSA admission webhook -(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the -GMSA credential spec named by the GMSACredentialSpecName field.
- 		false
gmsaCredentialSpecNamestring - GMSACredentialSpecName is the name of the GMSA credential spec to use.
- 		false
hostProcessboolean - HostProcess determines if a container should be run as a 'Host Process' container. -All of a Pod's containers must have the same effective HostProcess value -(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). -In addition, if HostProcess is true then HostNetwork must also be set to true.
- 		false
runAsUserNamestring - The UserName in Windows to run the entrypoint of the container process. -Defaults to the user specified in image metadata if unspecified. -May also be set in PodSecurityContext. If set in both SecurityContext and -PodSecurityContext, the value specified in SecurityContext takes precedence.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.tolerations[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -The pod this Toleration is attached to tolerates any taint that matches -the triple using the matching operator . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
effectstring - Effect indicates the taint effect to match. Empty means match all taint effects. -When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- 		false
keystring - Key is the taint key that the toleration applies to. Empty means match all taint keys. -If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- 		false
operatorstring - Operator represents a key's relationship to the value. -Valid operators are Exists and Equal. Defaults to Equal. -Exists is equivalent to wildcard for value, so that a pod can -tolerate all taints of a particular category.
- 		false
tolerationSecondsinteger - TolerationSeconds represents the period of time the toleration (which must be -of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, -it is not set, which means tolerate the taint forever (do not evict). Zero and -negative values will be treated as 0 (evict immediately) by the system.
-
- Format: int64
- 		false
valuestring - Value is the taint value the toleration matches to. -If the operator is Exists, the value should be empty, otherwise just a regular string.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocator) - - - -TopologySpreadConstraint specifies how to spread matching pods among the given topology. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
maxSkewinteger - MaxSkew describes the degree to which pods may be unevenly distributed. -When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference -between the number of matching pods in the target topology and the global minimum. -The global minimum is the minimum number of matching pods in an eligible domain -or zero if the number of eligible domains is less than MinDomains. -For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same -labelSelector spread as 2/2/1: -In this case, the global minimum is 1. -| zone1 | zone2 | zone3 | -| P P | P P | P | -- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; -scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) -violate MaxSkew(1). -- if MaxSkew is 2, incoming pod can be scheduled onto any zone. -When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence -to topologies that satisfy it. -It's a required field. Default value is 1 and 0 is not allowed.
-
- Format: int32
- 		true
topologyKeystring - TopologyKey is the key of node labels. Nodes that have a label with this key -and identical values are considered to be in the same topology. -We consider each as a "bucket", and try to put balanced number -of pods into each bucket. -We define a domain as a particular instance of a topology. -Also, we define an eligible domain as a domain whose nodes meet the requirements of -nodeAffinityPolicy and nodeTaintsPolicy. -e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. -And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. -It's a required field.
- 		true
whenUnsatisfiablestring - WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy -the spread constraint. -- DoNotSchedule (default) tells the scheduler not to schedule it. -- ScheduleAnyway tells the scheduler to schedule the pod in any location, - but giving higher precedence to topologies that would help reduce the - skew. -A constraint is considered "Unsatisfiable" for an incoming pod -if and only if every possible node assignment for that pod would violate -"MaxSkew" on some topology. -For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same -labelSelector spread as 3/1/1: -| zone1 | zone2 | zone3 | -| P P P | P | P | -If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled -to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies -MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler -won't make it *more* imbalanced. -It's a required field.
- 		true
labelSelectorobject - LabelSelector is used to find matching pods. -Pods that match this label selector are counted to determine the number of pods -in their corresponding topology domain.
- 		false
matchLabelKeys[]string - MatchLabelKeys is a set of pod label keys to select the pods over which -spreading will be calculated. The keys are used to lookup values from the -incoming pod labels, those key-value labels are ANDed with labelSelector -to select the group of existing pods over which spreading will be calculated -for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. -MatchLabelKeys cannot be set when LabelSelector isn't set. -Keys that don't exist in the incoming pod labels will -be ignored. A null or empty list means only match against labelSelector. - - -This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
- 		false
minDomainsinteger - MinDomains indicates a minimum number of eligible domains. -When the number of eligible domains with matching topology keys is less than minDomains, -Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. -And when the number of eligible domains with matching topology keys equals or greater than minDomains, -this value has no effect on scheduling. -As a result, when the number of eligible domains is less than minDomains, -scheduler won't schedule more than maxSkew Pods to those domains. -If value is nil, the constraint behaves as if MinDomains is equal to 1. -Valid values are integers greater than 0. -When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - - -For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same -labelSelector spread as 2/2/2: -| zone1 | zone2 | zone3 | -| P P | P P | P P | -The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. -In this situation, new pod with the same labelSelector cannot be scheduled, -because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, -it will violate MaxSkew. - - -This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
-
- Format: int32
- 		false
nodeAffinityPolicystring - NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector -when calculating pod topology spread skew. Options are: -- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. -- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - - -If this value is nil, the behavior is equivalent to the Honor policy. -This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- 		false
nodeTaintsPolicystring - NodeTaintsPolicy indicates how we will treat node taints when calculating -pod topology spread skew. Options are: -- Honor: nodes without taints, along with tainted nodes for which the incoming pod -has a toleration, are included. -- Ignore: node taints are ignored. All nodes are included. - - -If this value is nil, the behavior is equivalent to the Ignore policy. -This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index].labelSelector -[↩ Parent](#amazoncloudwatchagentspectargetallocatortopologyspreadconstraintsindex) - - - -LabelSelector is used to find matching pods. -Pods that match this label selector are counted to determine the number of pods -in their corresponding topology domain. - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
matchExpressions[]object - matchExpressions is a list of label selector requirements. The requirements are ANDed.
- 		false
matchLabelsmap[string]string - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels -map is equivalent to an element of matchExpressions, whose key field is "key", the -operator is "In", and the values array contains only "value". The requirements are ANDed.
- 		false
- - -### AmazonCloudWatchAgent.spec.targetAllocator.topologySpreadConstraints[index].labelSelector.matchExpressions[index] -[↩ Parent](#amazoncloudwatchagentspectargetallocatortopologyspreadconstraintsindexlabelselector) - - - -A label selector requirement is a selector that contains values, a key, and an operator that -relates the key and values. - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameTypeDescriptionRequired
keystring - key is the label key that the selector applies to.
- 		true
operatorstring - operator represents a key's relationship to a set of values. -Valid operators are In, NotIn, Exists and DoesNotExist.
- 		true
values[]string - values is an array of string values. If the operator is In or NotIn, -the values array must be non-empty. If the operator is Exists or DoesNotExist, -the values array must be empty. This array is replaced during a strategic -merge patch.
- 		false
- - ### AmazonCloudWatchAgent.spec.tolerations[index] [↩ Parent](#amazoncloudwatchagentspec) From 412c01d31716d39e38e3c1cda1b4bcd5f5d227a2 Mon Sep 17 00:00:00 2001 From: musa-asad Date: Thu, 26 Dec 2024 16:14:22 -0500 Subject: [PATCH 5/6] add custom udp test --- internal/manifests/collector/ports_test.go | 12 ++++++++++++ .../collector/test-resources/xRayCustomUDP.json | 9 +++++++++ 2 files changed, 21 insertions(+) create mode 100644 internal/manifests/collector/test-resources/xRayCustomUDP.json diff --git a/internal/manifests/collector/ports_test.go b/internal/manifests/collector/ports_test.go index 345c3185..87c41c94 100644 --- a/internal/manifests/collector/ports_test.go +++ b/internal/manifests/collector/ports_test.go @@ -132,6 +132,18 @@ func TestApplicationSignalsXRayTracesCustom(t *testing.T) { assert.Equal(t, corev1.ProtocolTCP, containerPorts[AppSignalsProxy].Protocol) } +func TestXRayCustomUDP(t *testing.T) { + cfg := getStringFromFile("./test-resources/xRayCustomUDP.json") + containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) + assert.Equal(t, 2, len(containerPorts)) + assert.Equal(t, int32(2800), containerPorts[CWA+XrayTraces].ContainerPort) + assert.Equal(t, CWA+XrayTraces, containerPorts[CWA+XrayTraces].Name) + assert.Equal(t, corev1.ProtocolUDP, containerPorts[CWA+XrayTraces].Protocol) + assert.Equal(t, int32(2000), containerPorts[XrayProxy].ContainerPort) + assert.Equal(t, XrayProxy, containerPorts[XrayProxy].Name) + assert.Equal(t, corev1.ProtocolTCP, containerPorts[XrayProxy].Protocol) +} + func TestEMFGetContainerPorts(t *testing.T) { cfg := getStringFromFile("./test-resources/emfAgentConfig.json") containerPorts := getContainerPorts(logger, cfg, "", []corev1.ServicePort{}) diff --git a/internal/manifests/collector/test-resources/xRayCustomUDP.json b/internal/manifests/collector/test-resources/xRayCustomUDP.json new file mode 100644 index 00000000..3af10b8f --- /dev/null +++ b/internal/manifests/collector/test-resources/xRayCustomUDP.json @@ -0,0 +1,9 @@ +{ + "traces": { + "traces_collected": { + "xray": { + "bind_address": "127.0.0.1:2800" + } + } + } +} \ No newline at end of file From 8d9576eec8874f71236edfd0f476f6dad03ec262 Mon Sep 17 00:00:00 2001 From: musa-asad Date: Fri, 10 Jan 2025 03:57:06 -0500 Subject: [PATCH 6/6] address nits --- .../config/config.go | 3 +- .../manifests/collector/config_replace.go | 3 +- internal/manifests/collector/ports.go | 50 ++++++------------- 3 files changed, 18 insertions(+), 38 deletions(-) diff --git a/cmd/amazon-cloudwatch-agent-target-allocator/config/config.go b/cmd/amazon-cloudwatch-agent-target-allocator/config/config.go index 26592946..6a10c457 100644 --- a/cmd/amazon-cloudwatch-agent-target-allocator/config/config.go +++ b/cmd/amazon-cloudwatch-agent-target-allocator/config/config.go @@ -13,8 +13,6 @@ import ( "os" "time" - "sigs.k8s.io/controller-runtime/pkg/certwatcher" - "github.com/go-logr/logr" "github.com/prometheus/common/model" promconfig "github.com/prometheus/prometheus/config" @@ -26,6 +24,7 @@ import ( "k8s.io/client-go/tools/clientcmd" "k8s.io/klog/v2" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/certwatcher" "sigs.k8s.io/controller-runtime/pkg/log/zap" tamanifest "github.com/aws/amazon-cloudwatch-agent-operator/internal/manifests/targetallocator" diff --git a/internal/manifests/collector/config_replace.go b/internal/manifests/collector/config_replace.go index e2f31aaf..04903caa 100644 --- a/internal/manifests/collector/config_replace.go +++ b/internal/manifests/collector/config_replace.go @@ -10,9 +10,8 @@ import ( promconfig "github.com/prometheus/prometheus/config" _ "github.com/prometheus/prometheus/discovery/install" // Package install has the side-effect of registering all builtin. - "gopkg.in/yaml.v2" - "go.opentelemetry.io/collector/confmap" + "gopkg.in/yaml.v2" "github.com/aws/amazon-cloudwatch-agent-operator/apis/v1alpha1" "github.com/aws/amazon-cloudwatch-agent-operator/internal/manifests/collector/adapters" diff --git a/internal/manifests/collector/ports.go b/internal/manifests/collector/ports.go index fab578f1..082eece8 100644 --- a/internal/manifests/collector/ports.go +++ b/internal/manifests/collector/ports.go @@ -181,28 +181,17 @@ func getReceiverServicePort(logger logr.Logger, serviceAddress string, receiverN return } } - name := CWA + receiverName - if receiverName == OtlpGrpc || receiverName == OtlpHttp { - name = fmt.Sprintf("%s-%d", receiverName, port) - } - sp := corev1.ServicePort{ - Name: name, - Port: port, - Protocol: protocol, - } - servicePortsMap[port] = append(servicePortsMap[port], sp) - } else { - name := CWA + receiverName - if receiverName == OtlpGrpc || receiverName == OtlpHttp { - name = fmt.Sprintf("%s-%d", receiverName, port) - } - sp := corev1.ServicePort{ - Name: name, - Port: port, - Protocol: protocol, - } - servicePortsMap[port] = []corev1.ServicePort{sp} } + name := CWA + receiverName + if receiverName == OtlpGrpc || receiverName == OtlpHttp { + name = fmt.Sprintf("%s-%d", receiverName, port) + } + sp := corev1.ServicePort{ + Name: name, + Port: port, + Protocol: protocol, + } + servicePortsMap[port] = append(servicePortsMap[port], sp) } } else { defaultPort := receiverDefaultPortsMap[receiverName] @@ -213,20 +202,13 @@ func getReceiverServicePort(logger logr.Logger, serviceAddress string, receiverN return } } - sp := corev1.ServicePort{ - Name: receiverName, - Port: defaultPort, - Protocol: protocol, - } - servicePortsMap[defaultPort] = append(servicePortsMap[defaultPort], sp) - } else { - sp := corev1.ServicePort{ - Name: receiverName, - Port: defaultPort, - Protocol: protocol, - } - servicePortsMap[defaultPort] = []corev1.ServicePort{sp} } + sp := corev1.ServicePort{ + Name: receiverName, + Port: defaultPort, + Protocol: protocol, + } + servicePortsMap[defaultPort] = append(servicePortsMap[defaultPort], sp) } }